1. 技术文章
  2. why Chrome browser doesn't recognize my http2 server?

why Chrome browser doesn't recognize my http2 server?

十年热恋 提交于 2019-12-17 06:16:27

问题


I setup my Nginx conf as per Digital Ocean paper, and now http2 is available...

But in Chrome (Version 54.0.2840.98 (64-bit)) Dev tool, it's always on HTTP 1/1 :

NAME             METHOD  STATUS  PROTOCOL
shell.js?v=xx..    GET    200     http/1/1

my server is running Ubuntu 16.04 LTS which supports both ALPN & NPN , and the openssl version shipped with it is 1.0.2g

I checked http2 support with this tool siteand the result is : 

Yeah! example.com supports HTTP/2.0. ALPN supported...

Also checking with curl is OK

 $ curl -I --http2 https://www.example.com
  HTTP/2 200 
  server: nginx/1.10.0 (Ubuntu)
  date: Tue, 13 Dec 2016 15:59:13 GMT
  content-type: text/html; charset=utf-8
  content-length: 5603
  x-powered-by: Express
  cache-control: public, max-age=0
  etag: W/"15e3-EUyjnNnyevoQO+tRlVVZxg"
  vary: Accept-Encoding
  strict-transport-security: max-age=63072000; includeSubdomains
  x-frame-options: DENY
  x-content-type-options: nosniff

I also checked with is-http2 cli from my console

is-http2 www.amazon.com
× HTTP/2 not supported by www.amazon.com
Supported protocols: http/1.1

is-http2 www.example.com
✓ HTTP/2  supported by www.example.com
Supported protocols: h2 http/1.1

why Chrome is left behind it ? How can I check it also with Safari (v 10.0.1)


回答1:


Will likely be one of two reasons:

  1. You are using anti-virus software and it is MITM your traffic and so downgrading you to HTTP/1.1. Turn off https traffic monitoring on your AV to connect directly to the server. You can check if this is the case by using an online tool to test your site for HTTP/2 support.

  2. You are using older TLS ciphers and specifically one that Chrome disallows for HTTP/2 (https://http2.github.io/http2-spec/#BadCipherSuites) as per Step 5 of above guide. Scan your site using https://www.ssllabs.com/ssltest/ to check your TLS config and improve it.

The third reason is lack of ALPN support in your SSL/TLS library (i.e. You are using openssl 1.0.1 and need to be one 1.0.2 or later, for example) but you have already confirmed you have ALPN support so skipping that for this answer.




回答2:


I had the same issue. I my case it was because I enabled TLS1.3 in NGINX. See Why is my site not using http/2 while it is http/2 enabled



来源:https://stackoverflow.com/questions/41116072/why-chrome-browser-doesnt-recognize-my-http2-server

标签
google-chrome
nginx
http2
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!