Hi,
I have tried my googling and looked for help but I cannot seem to manage to get HTTP2 in enabled for my nextcloud
I am on 18.04 ubuntu with
Server version: Apache/2.4.29 (Ubuntu)
Server built: 2018-10-03T14:41:08
I have enable php-fpm and the recommended modules as shown her linuxbabe description as an example
my virtual host has the protocol line and I think I have enabled all required mods
I still see that my nextcloud instance serves up http1.1.
when I use curl to test on localhost it seems to work, but with the external it does not (see block quotes below)
any help very welcome as I am unsure what to do to make the external server accept h2 externally:
curl -k -v —http2 https://localhost
- Rebuilt URL to: https://localhost/
- Trying 127.0.0.1…
- TCP_NODELAY set
- Connected to localhost (127.0.0.1) port 443 (#0)
- ALPN, offering h2
- ALPN, offering http/1.1
- successfully set certificate verify locations:
- CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs- TLSv1.2 (OUT), TLS handshake, Client hello (1):
- TLSv1.2 (IN), TLS handshake, Server hello (2):
- TLSv1.2 (IN), TLS handshake, Certificate (11):
- TLSv1.2 (IN), TLS handshake, Server key exchange (12):
- TLSv1.2 (IN), TLS handshake, Server finished (14):
- TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
- TLSv1.2 (OUT), TLS change cipher, Client hello (1):
- TLSv1.2 (OUT), TLS handshake, Finished (20):
- TLSv1.2 (IN), TLS handshake, Finished (20):
- SSL connection using TLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305
- ALPN, server accepted to use h2
- Server certificate:
- subject: CN=
…- Using HTTP2, server supports multi-use
- Connection state changed (HTTP/2 confirmed)
- Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
- Using Stream ID: 1 (easy handle 0x55eff6ede750)
GET / HTTP/2
Host: localhost
User-Agent: curl/7.58.0
Accept: /
…
- Connection state changed (MAX_CONCURRENT_STREAMS updated)!
< HTTP/2 403
< date: Sat, 27 Oct 2018 17:37:52 GMT
< server: Apache/2.4.29 (Ubuntu)
< strict-transport-security: max-age=15552000; includeSubDomains
but with the external address
- Rebuilt URL to: https://www.my.domain/
- Trying qqq.qqq.qqq.qqq…
- TCP_NODELAY set
- Connected to www.my.domain (qqq.qqq.qqq.qqq) port 443 (#0)
- ALPN, offering h2
- ALPN, offering http/1.1
- TLSv1.2 (OUT), TLS handshake, Client hello (1):
- TLSv1.2 (IN), TLS handshake, Server hello (2):
- TLSv1.2 (IN), TLS handshake, Certificate (11):
- TLSv1.2 (IN), TLS handshake, Server key exchange (12):
- TLSv1.2 (IN), TLS handshake, Server finished (14):
- TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
- TLSv1.2 (OUT), TLS change cipher, Client hello (1):
- TLSv1.2 (OUT), TLS handshake, Finished (20):
- TLSv1.2 (IN), TLS handshake, Finished (20):
- SSL connection using TLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305
- SSL connection using TLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305
- ALPN, server accepted to use http/1.1
- Server certificate: