On 17 November 2015 00:49:00 GMT+00:00, Huxing Zhang <huxing....@alibaba-inc.com> wrote: >Chris, > >>> NOTES: >>> * HTTP/2 is not supported for non-secured protocol currently. > >> I'm no expert, but I thought that h2c was supported. > >Actually I tried to configure HTTP/2 in non-secured connector, the >configuration I tried in server.xml is as follows: > ><Connector port="8080" >protocol="org.apache.coyote.http11.Http11AprProtocol" > connectionTimeout="20000" > redirectPort="8443" > > <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" /> > </Connector> > >When tomcat started, I observed the following log: >17-Nov-2015 08:35:20.149 INFO [main] >org.apache.coyote.http11.AbstractHttp11Protocol.configureUpgradeProtocol >The ["http-apr-8080"] connector has been configured to support HTTP >upgrade to [h2c] > >However, when I tried the server push example: >http://localhost:8080/examples/servlets/serverpush/simpleimage > >The following error occurred: > >java.lang.UnsupportedOperationException: Server push requests are not >supported by the HTTP/1.1 protocol > > org.apache.coyote.http11.Http11Processor.action(Http11Processor.java:937) > org.apache.coyote.Request.action(Request.java:392) > http2.SimpleImagePush.doGet(SimpleImagePush.java:37) > javax.servlet.http.HttpServlet.service(HttpServlet.java:622) > javax.servlet.http.HttpServlet.service(HttpServlet.java:729) > org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) > > org.apache.catalina.filters.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:108) > >Am I missing something? > >Best Regards, >Huxing >------------------------------------------------------------------ >From:Christopher Schultz <ch...@christopherschultz.net> >Time:2015 Nov 17 (Tue) 06:44 >To:Tomcat Developers List <dev@tomcat.apache.org> >Subject:Re: A step by step guide to try out the HTTP/2 feature in >tomcat9 > > >Huxing, > >On 11/16/15 3:14 AM, Huxing Zhang wrote: >> Following is a step by step guide for those who are interested in >trying out the HTTP/2 feature in tomcat9, >> Please correct me if anything is wrong. >> >> Prerequisite: >> * JDK8: suppose you've already installed >> * tomcat 9.0.0.M1: >> Please download from >https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.0.M1/ >> (a release candidate which is calling for votes.) >> * openssl 1.0.2d: >> For Unix: >> 1) build from source code: >> wget https://www.openssl.org/source/openssl-1.0.2d.tar.gz >> tar -xf openssl-1.0.2d.tar.gz >> cd openssl-1.0.2d >> ./config -fPIC --prefix=/path/to/openssl/ >> make >> (sudo) make install >> >> For Mac OSX >> 1) build from source code: >> wget https://www.openssl.org/source/openssl-1.0.2d.tar.gz >> tar -xf openssl-1.0.2d.tar.gz >> cd openssl-1.0.2d >> ./Configure darwin64-x86_64-cc --prefix=/path/to/openssl shared >> make >> (sudo) make install >> 2) obtain from brew (recommended, but not tried yet) > >+1 for brew, though it wants to install a bunch of things that might >surprise you (I originally used to install gpg, I think). It *does* >allow you to install any number of OpenSSL versions side-by-side, >though. If you use brew to install multiple OpenSSLs, you'll want to >specify which one you are using when building tcnative. You'll want to >point --with-ssl at /usr/local/Cellar/openssl/[version] > >Current version of OpenSSL available through Brew is 1.0.2d. > >> * apr 1.4.0+ (latest version is 1.5.2) >> build apr 1.5.2 from scratch if not installed: >> download source code from https://apr.apache.org/download.cgi >> tar -xf apr-1.5.2.tar.gz >> cd apr-1.5.2 >> ./configure >> make >> (sudo) make install >> * tomcat native 1.2.2 (require apr 1.4.0+) >> For Windows: >> please download the binary release from >http://tomcat.apache.org/download-native.cgi >> or build from source code(not tried yet) >> >> For Unix/Mac OSX >> download the source code from: >http://tomcat.apache.org/download-native.cgi >> tar -xf tomcat-native-1.2.2-src.tar.gz >> cd tomcat-native-1.2.2-src/native >> ./configure --with-apr=/path/to/apr --with-ssl=/path/to/openssl >> make >> (sudo) make install >> >> * Genearte self-signed certificate: >> /path/to/openssl req -x509 -newkey rsa:2048 -keyout >/var/tmp/private-key.pem -out /var/tmp/cert.pem -days 365 >> (with passphrase: tomcat) >> >> Tomcat side configurations(APR connector) >> 1. configure setenv.sh >> CATALINA_OPTS="$CATALINA_OPTS >-Djava.library.path=/path/to/your/tcnative/lib" >> 2. configure server.xml >> <Connector port="8443" >protocol="org.apache.coyote.http11.Http11Nio2Protocol" >> maxThreads="150" SSLEnabled="true"> >> <UpgradeProtocol >className="org.apache.coyote.http2.Http2Protocol" /> >> <SSLHostConfig honorCipherOrder="false" > >> <Certificate >certificateKeyFile="/var/tmp/private-key.pem" >> certificateFile="/var/tmp/cert.pem" >> certificateKeyPassword="tomcat" >> type="RSA" /> >> </SSLHostConfig> >> </Connector> >> 3. start tomcat >> 4. visit >https://localhost:8443/examples/servlets/serverpush/simpleimage >> You should see the image if everything is all right. >> >> Tomcat side configurations(NIO/NIO2 connector, take NIO2 as an >example) >> 1. configure server.xml >> <Connector port="8443" >protocol="org.apache.coyote.http11.Http11Nio2Protocol" >> >sslImplementationName="org.apache.tomcat.util.net.openssl.OpenSSLImplementation" >> maxThreads="150" SSLEnabled="true"> >> <UpgradeProtocol >className="org.apache.coyote.http2.Http2Protocol" /> >> <SSLHostConfig honorCipherOrder="false" > >> <Certificate >certificateKeyFile="/var/tmp/private-key.pem" >> certificateFile="/var/tmp/cert.pem" >> certificateKeyPassword="tomcat" >> type="RSA" /> >> </SSLHostConfig> >> </Connector> >> 2. start tomcat >> 3. visit >https://localhost:8443/examples/servlets/serverpush/simpleimage >> You should see the image if everything is all right. >> >> NOTES: >> * HTTP/2 is not supported for non-secured protocol currently. > >I'm no expert, but I thought that h2c was supported. > >> * HTTP/2 is not supported for JSSE implementation currently. > >-chris > >--------------------------------------------------------------------- >To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org >For additional commands, e-mail: dev-h...@tomcat.apache.org > >--------------------------------------------------------------------- >To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org >For additional commands, e-mail: dev-h...@tomcat.apache.org
Most browsers don't support h2c. Tomcat does. You can test this with a recent build of curl. Mark
