Okay … thanks to Vincent/Lukas, I have a 1.6.2 built that has OpenSSL 1.0.2
statically linked … so this line now works, in so far as letting the server
start up:
bind :443 ssl crt /etc/ssl/cert.pem no-sslv3 ciphers TLSv1.2 alpn
h2,http/1.1
When I hit the server, the haproxy.log file shows:
Dec 16 19:59:14 galera1 haproxy[436]: 24.108.76.221:63643
[16/Dec/2015:19:59:14.120] https-in~ https_appserver/web2 159/0/1/0/160 400 424
- - ---- 0/0/0/0/0 0/0 "PRI * HTTP/2.0”
If I point my browser to, and look at the log file on the web head, it shows
HTTP/2:
24.108.76.221 - - [16/Dec/2015:20:04:10 +0000] "GET / HTTP/2" 200 12024 "-"
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_2) AppleWebKit/537.36 (KHTML,
like Gecko) Chrome/47.0.2526.106 Safari/537.36”
Web head is running Apache 2.4.18 w/ mod_http2 …
Do I need to add something to the server line for this too?
==
server web2 119.81.152.73:443 weight 1 maxconn 30 check ssl verify none
==
I noticed on
https://www.eclipse.org/jetty/documentation/current/http2-configuring-haproxy.html
that he did ‘mode tcp’ on the https:// ones … tried that, made no difference …
The message I get in the browser is “The webpage is not available …
ERR_SPDY_PROTOCOL_ERROR” … browser I’m using is latest Google Chrome …
Please advise …
