Red Hat SummitEste contenido no está disponible en el idioma seleccionado.
Chapter 7. Enabling HTTP/2 for the Red Hat JBoss Web Server
The Hypertext Transfer Protocols are standard methods of transmitting data between applications (such as servers and browsers) over the internet. HTTP/2 improves on HTTP/1.1 by providing enhancements such as:
- header compression - reducing the size of the header transmitted by omitting implied information, and
- multiple requests and responses over a single connection - using binary framing to break down response messages, as opposed to textual framing.
Using HTTP/2 with the Red Hat JBoss Web Server:
-
is supported for encrypted connections over TLS (
h2). -
is not supported for unencrypted connections over TCP (
h2c).
Prerequisites
- Root user access (Red Hat Enterprise Linux and Solaris systems), or
- Administrative access (Windows Server).
- Red Hat JBoss Web Server 5.0 or higher
The following operating system native libraries (provided by
jws-application-server-5.0.0-<platform>-<architecture>.zipwhere available).Tomcat Native, for example:
jws-5.0/tomcat/lib/libtcnative-1.so
jws-5.0/tomcat/lib/libtcnative-1.soCopy to Clipboard Copied! Toggle word wrap Toggle overflow Apache Portable Runtime (APR):
jws-5.0/tomcat/lib/libapr-1.so.0.6.3
jws-5.0/tomcat/lib/libapr-1.so.0.6.3Copy to Clipboard Copied! Toggle word wrap Toggle overflow Where the APR libraries are provided by
jws-application-server-5.0.0-<platform>-<architecture>.zipfor Red Hat Enterprise Linux, the libraries will be a symbolic link to:jws-5.0/jbcs-apr-1.6.3/lib64/libapr-1.so.0.6.3
jws-5.0/jbcs-apr-1.6.3/lib64/libapr-1.so.0.6.3Copy to Clipboard Copied! Toggle word wrap Toggle overflow OpenSSL, for example:
jws-5.0/tomcat/lib/libcrypto.so.1.0.2n jws-5.0/tomcat/lib/libssl.so.1.0.2n
jws-5.0/tomcat/lib/libcrypto.so.1.0.2n jws-5.0/tomcat/lib/libssl.so.1.0.2nCopy to Clipboard Copied! Toggle word wrap Toggle overflow Where the OpenSSL libraries are provided by
jws-application-server-5.0.0-<platform>-<architecture>.zipfor Red Hat Enterprise Linux, the libraries will be symbolic links to:jws-5.0/jbcs-openssl-1.0.2n/openssl/lib64/libcrypto.so.1.0.2n jws-5.0/jbcs-openssl-1.0.2n/openssl/lib64/libssl.so.1.0.2n
jws-5.0/jbcs-openssl-1.0.2n/openssl/lib64/libcrypto.so.1.0.2n jws-5.0/jbcs-openssl-1.0.2n/openssl/lib64/libssl.so.1.0.2nCopy to Clipboard Copied! Toggle word wrap Toggle overflow
A connector that supports the HTTP/2 protocol with SSL enabled. For JBoss Web Server 5.0, the connectors with HTTP/2 protocol support are:
- The APR Native connector (APR)
- The NIO connector with JSSE + OpenSSL (JSSE)
- The NIO2 connector with JSSE + OpenSSL (JSSE)
Procedure
Enable HTTP/2 for a connector:
Add the HTTP/2 upgrade protocol (
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />) to the connector in the server configurationJWS_HOME/tomcat/conf/server.xml.For example:
Copy to Clipboard Copied! Toggle word wrap Toggle overflow server.xmlcontains an example connector definition for the APR protocol with the upgrade protocol to HTTP/2:Copy to Clipboard Copied! Toggle word wrap Toggle overflow Restart the Red Hat JBoss Web Server as the root user, to apply the changed configuration.
For SysV (Red Hat Enterprise Linux 6) users:
service jws5-tomcat restart
# service jws5-tomcat restartCopy to Clipboard Copied! Toggle word wrap Toggle overflow For systemd (Red Hat Enterprise Linux 7) users:
systemctl restart jws5-tomcat.service
# systemctl restart jws5-tomcat.serviceCopy to Clipboard Copied! Toggle word wrap Toggle overflow For Red Hat Enterprise Linux users running Red Hat JBoss Web Server using
startup.sh:JWS_HOME/sbin/shudown.sh JWS_HOME/sbin/startup.sh
# JWS_HOME/sbin/shudown.sh # JWS_HOME/sbin/startup.shCopy to Clipboard Copied! Toggle word wrap Toggle overflow For Solaris users:
sh JWS_HOME/tomcat/bin/daemon.sh stop sh JWS_HOME/tomcat/bin/daemon.sh start
# sh JWS_HOME/tomcat/bin/daemon.sh stop # sh JWS_HOME/tomcat/bin/daemon.sh startCopy to Clipboard Copied! Toggle word wrap Toggle overflow For Windows Server users:
net restart tomcat9
# net restart tomcat9Copy to Clipboard Copied! Toggle word wrap Toggle overflow
Next Steps
Verify that HTTP/2 is enabled by reviewing the Red Hat JBoss Web Server logs or by using the curl command:
Check the console output log (
JWS_HOME/tomcat/logs/catalina.out) to verify that the "connector has been configured to support negotiation to [h2]":cat JWS_HOME/tomcat/logs/catalina.out | grep 'h2' 06-Apr-2018 04:49:26.201 INFO [main] org.apache.coyote.http11.AbstractHttp11Protocol.configureUpgradeProtocol The ["https-openssl-apr-8443"] connector has been configured to support negotiation to [h2] via ALPN
$ cat JWS_HOME/tomcat/logs/catalina.out | grep 'h2' 06-Apr-2018 04:49:26.201 INFO [main] org.apache.coyote.http11.AbstractHttp11Protocol.configureUpgradeProtocol The ["https-openssl-apr-8443"] connector has been configured to support negotiation to [h2] via ALPNCopy to Clipboard Copied! Toggle word wrap Toggle overflow Or verify using
curl(for versions ofcurlthat supportHTTP2):NoteTo check
curlfor HTTP/2 support:Copy to Clipboard Copied! Toggle word wrap Toggle overflow For example, when the HTTP/2 protocol is inactive:
curl -I http://<JBoss_Web_Server>:8080/
$ curl -I http://<JBoss_Web_Server>:8080/ HTTP/1.1 200 ...Copy to Clipboard Copied! Toggle word wrap Toggle overflow But if the HTTP/2 protocol is active,
curlreturns:curl -I https://<JBoss_Web_Server>:8443/
$ curl -I https://<JBoss_Web_Server>:8443/ HTTP/2 200 ...Copy to Clipboard Copied! Toggle word wrap Toggle overflow Where <JBoss_Web_Server> is the URI of the modified connector (such as
example.com), and the port number is dependent on your configuration.
Additional Resources
- For additional information on using HTTP/2, see: Apache Tomcat 9 Configuration Reference: The HTTP Connector - HTTP/2 Support.
- For information on the HTTP/2 Upgrade Protocol and the supported attributes, see: Apache Tomcat 9 Configuration Reference: The HTTP2 Upgrade Protocol.
- The proposed internet standard for HTTP/2: IETF: RFC 7540 - Hypertext Transfer Protocol Version 2 (HTTP/2)
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}