On 2018-07-20 17:16:40 [-0400], Mike Rotondo wrote: > I expected an update to roll out that fixed the problem
Thank you for the informative bug report. If I put the pieces correctly together then since the point release you have your apache2 server not serving ALPN/h2 but only "normal" http/1.1 as you put it. Am I correct? If so, then this bug should be moved to openssl1.0 because apache2 in Stretch is using libssl1.0.2 and not libssl1.1. Other than that: Could you please check if downgrading either apache2 or libssl1.0.2 helps? The part that puzzles me most is that you received an update to libssl1.0.2 (and libssl1.1) via the point release and not via security which would be a good idea. Like *really* good idea. Now, if you downgrade I bet that downgrading apache2 helps. In that case we could move that report over to apache or close it right away. I speculate on apache because of this piece in its changelog [0]: |Unfortunately, this also removes support for http2 when running on |mpm_prefork. [0] https://tracker.debian.org/news/969425/accepted-apache2-2425-3deb9u5-source-amd64-all-into-proposed-updates-stable-new-proposed-updates/ Sebastian