Hi Thierry, > Le 15 sept. 2018 à 18:06, Thierry Fournier <[email protected]> a écrit > : > > Hi, > > I tried to use per-context options, in order to enable HTTP2 for a short > list of SNI. I just add lines like this: > > /certif1.pem [alpn h2,http/1.1] my-h2-host.com > /certif2.pem my-other-host.com > > This configuration works fine on debian 8 with OpenSSL 1.0.2g, and doesn’t > work on Ubuntu 16.04 with OpenSSL 1.0.2l. > > I compile the OpenSSL debian package 1.0.2g on Ubuntu, and the feature is > enabled. > > My conclusion, is that some version of OpenSSL doesn’t support all per-context > options. > > Do you have an opinion ? >
Are you sure it's not the opposite: doesn't work with 1.0.2g? "Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016] Modify behavior of ALPN to invoke callback after SNI/servername callback, such that updates to the SSL_CTX affect ALPN. » ++ Manu
