leoncamel opened a new issue, #2194: URL: https://github.com/apache/brpc/issues/2194
**Is your feature request related to a problem? (你需要的功能是否与某个问题有关?)** NO **Describe the solution you'd like (描述你期望的解决方法)** In the case we enable SSL, the common sense is we **force** every client to use SSL/TLS connection for security reason. But, In the current implementation, client can connect in both plain-text and SSL/TLS. As defined in `gobal.h` and `global.cpp`, the protocol name is "h2". But, in the [RFC9113: HTTP/2 ](https://www.rfc-editor.org/rfc/rfc9113.html#name-http-2-version-identificati). The "h2" protocol explained as the following: ``` - The string "h2" identifies the protocol where HTTP/2 uses Transport Layer Security (TLS); - The "h2c" string was previously used as a token for use in the HTTP Upgrade mechanism's Upgrade header field ([Section 7.8](https://www.rfc-editor.org/rfc/rfc9110#section-7.8) of [[HTTP](https://www.rfc-editor.org/rfc/rfc9113.html#RFC9110)]). This usage was never widely deployed and is deprecated by this document. The same applies to the HTTP2-Settings header field, which was used with the upgrade to "h2c". ``` So, we just want a feature to complaint to protocol definition: force all client connections to use SSL/TLS if user explicitly **enabled** ssl. **Describe alternatives you've considered (描述你想到的折衷方案)** **Additional context/screenshots (更多上下文/截图)** - https://www.rfc-editor.org/rfc/rfc9113.html -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
