Red Hat Summit Red Hat SummitSupportConsoleDéveloppeursCommencer un essaiContact

Ce contenu n'est pas disponible dans la langue sélectionnée.

Chapter 5. Enabling HTTP/2 for the Red Hat JBoss Web Server

The Hypertext Transfer Protocols are standard methods of transmitting data between applications (such as servers and browsers) over the internet.

HTTP/2 improves on HTTP/1.1 by providing enhancements such as:

  • header compression - reducing the size of the header transmitted by omitting implied information, and
  • multiple requests and responses over a single connection - using binary framing to break down response messages, as opposed to textual framing.

Using HTTP/2 with the Red Hat JBoss Web Server:

  • is supported for encrypted connections over TLS (h2).
  • is not supported for unencrypted connections over TCP (h2c).

Prerequisites

  • Root user access (Red Hat Enterprise Linux systems)
  • Red Hat JBoss Web Server 5.0 or higher

  • The following operating system native libraries (provided by jws-5.4.0-application-server-<platform>-<architecture>.zip where available).

    RHEL-8 users needing to run JSSE+OpenSSL or APR, you will need to use Tomcat-Native for it to work properly. The file for Tomcat-Native can be found in the native archive directory. To install OpenSSL and APR, run the following commands: 

# yum install openssl
Copy to Clipboard Toggle word wrap 
# yum install apr
Copy to Clipboard Toggle word wrap

  • A connector that supports the HTTP/2 protocol with SSL enabled. For JBoss Web Server 5.4, the connectors with HTTP/2 protocol support are:

    • The APR Native connector (APR)
    • The NIO connector with JSSE + OpenSSL (JSSE)
    • The NIO2 connector with JSSE + OpenSSL (JSSE)

Procedure

Enable HTTP/2 for a connector:

  1. Add the HTTP/2 upgrade protocol (<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />) to the connector in the server configuration JWS_HOME/tomcat/conf/server.xml.

    For example: 

    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
           maxThreads="150" SSLEnabled="true">
    <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
    <SSLHostConfig>
        <Certificate certificateKeystoreFile="/KeyStore.jks"
                     certificateKeystorePassword="changeit"
                     type="RSA" />
    </SSLHostConfig>
</Connector>
    Copy to Clipboard Toggle word wrap

    server.xml contains an example connector definition for the APR protocol with the upgrade protocol to HTTP/2: 

    <Connector port="8443"
           protocol="org.apache.coyote.http11.Http11AprProtocol"
           maxThreads="150" SSLEnabled="true" >
    <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
    <SSLHostConfig>
        <Certificate certificateKeyFile="conf/localhost-rsa-key.pem"
                     certificateFile="conf/localhost-rsa-cert.pem"
                     certificateChainFile="conf/localhost-rsa-chain.pem"
                     type="RSA" />
    </SSLHostConfig>
</Connector>
    Copy to Clipboard Toggle word wrap

  2. Restart the Red Hat JBoss Web Server as the root user, to apply the changed configuration.

    1. For systemd (Red Hat Enterprise Linux 7) users: 

      # systemctl restart jws5-tomcat.service
      Copy to Clipboard Toggle word wrap

    2. For Red Hat Enterprise Linux users running Red Hat JBoss Web Server using startup.sh: 

      # JWS_HOME/sbin/shudown.sh
# JWS_HOME/sbin/startup.sh
      Copy to Clipboard Toggle word wrap

    3. For Windows Server users: 

      # net restart tomcat9
      Copy to Clipboard Toggle word wrap
Important

Red Hat Enterprise Linux 6 is no longer supported and subsequently was removed from the documentation.

Next Steps

Verify that HTTP/2 is enabled by reviewing the Red Hat JBoss Web Server logs or by using the curl command:

  • Check the console output log (JWS_HOME/tomcat/logs/catalina.out) to verify that the "connector has been configured to support negotiation to [h2]": 

    $ cat JWS_HOME/tomcat/logs/catalina.out | grep 'h2'

06-Apr-2018 04:49:26.201 INFO [main] org.apache.coyote.http11.AbstractHttp11Protocol.configureUpgradeProtocol The ["https-openssl-apr-8443"] connector has been configured to support negotiation to [h2] via ALPN
    Copy to Clipboard Toggle word wrap

  • Or verify using curl (for versions of curl that support HTTP2):

    Note

    To check curl for HTTP/2 support: 

    $ curl -V

curl 7.55.1 (x86_64-redhat-linux-gnu) ...
Release-Date: 2017-08-14
Protocols: dict file ftp ftps gopher http https ...
Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets HTTPS-proxy Metalink PSL
    Copy to Clipboard Toggle word wrap

    • For example, when the HTTP/2 protocol is inactive: 

      $ curl -I http://<JBoss_Web_Server>:8080/

HTTP/1.1 200
...
      Copy to Clipboard Toggle word wrap

    • But if the HTTP/2 protocol is active, curl returns: 

      $ curl -I https://<JBoss_Web_Server>:8443/

HTTP/2 200
...
      Copy to Clipboard Toggle word wrap

      Where <JBoss_Web_Server> is the URI of the modified connector (such as example.com), and the port number is dependent on your configuration.

Additional Resources

Retour au début
Red Hat logoGithubredditYoutubeTwitter

Apprendre

Essayez, achetez et vendez

Communautés

À propos de la documentation Red Hat

Nous aidons les utilisateurs de Red Hat à innover et à atteindre leurs objectifs grâce à nos produits et services avec un contenu auquel ils peuvent faire confiance. Découvrez nos récentes mises à jour.

Rendre l’open source plus inclusif

Red Hat s'engage à remplacer le langage problématique dans notre code, notre documentation et nos propriétés Web. Pour plus de détails, consultez le Blog Red Hat.

À propos de Red Hat

Nous proposons des solutions renforcées qui facilitent le travail des entreprises sur plusieurs plates-formes et environnements, du centre de données central à la périphérie du réseau.

Theme

© 2025 Red Hat