Chris,
>> NOTES:
>> * HTTP/2 is not supported for non-secured protocol currently.
> I'm no expert, but I thought that h2c was supported.
Actually I tried to configure HTTP/2 in non-secured connector, the
configuration I tried in server.xml is as follows:
<Connector port="8080" protocol="org.apache.coyote.http11.Http11AprProtocol"
connectionTimeout="20000"
redirectPort="8443" >
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
</Connector>
When tomcat started, I observed the following log:
17-Nov-2015 08:35:20.149 INFO [main]
org.apache.coyote.http11.AbstractHttp11Protocol.configureUpgradeProtocol The
["http-apr-8080"] connector has been configured to support HTTP upgrade to [h2c]
However, when I tried the server push example:
http://localhost:8080/examples/servlets/serverpush/simpleimage
The following error occurred:
java.lang.UnsupportedOperationException: Server push requests are not supported
by the HTTP/1.1 protocol
org.apache.coyote.http11.Http11Processor.action(Http11Processor.java:937)
org.apache.coyote.Request.action(Request.java:392)
http2.SimpleImagePush.doGet(SimpleImagePush.java:37)
javax.servlet.http.HttpServlet.service(HttpServlet.java:622)
javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
org.apache.catalina.filters.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:108)
Am I missing something?
Best Regards,
Huxing
------------------------------------------------------------------
From:Christopher Schultz <[email protected]>
Time:2015 Nov 17 (Tue) 06:44
To:Tomcat Developers List <[email protected]>
Subject:Re: A step by step guide to try out the HTTP/2 feature in tomcat9
Huxing,
On 11/16/15 3:14 AM, Huxing Zhang wrote:
> Following is a step by step guide for those who are interested in trying out
> the HTTP/2 feature in tomcat9,
> Please correct me if anything is wrong.
>
> Prerequisite:
> * JDK8: suppose you've already installed
> * tomcat 9.0.0.M1:
> Please download from
> https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.0.M1/
> (a release candidate which is calling for votes.)
> * openssl 1.0.2d:
> For Unix:
> 1) build from source code:
> wget https://www.openssl.org/source/openssl-1.0.2d.tar.gz
> tar -xf openssl-1.0.2d.tar.gz
> cd openssl-1.0.2d
> ./config -fPIC --prefix=/path/to/openssl/
> make
> (sudo) make install
>
> For Mac OSX
> 1) build from source code:
> wget https://www.openssl.org/source/openssl-1.0.2d.tar.gz
> tar -xf openssl-1.0.2d.tar.gz
> cd openssl-1.0.2d
> ./Configure darwin64-x86_64-cc --prefix=/path/to/openssl shared
> make
> (sudo) make install
> 2) obtain from brew (recommended, but not tried yet)
+1 for brew, though it wants to install a bunch of things that might
surprise you (I originally used to install gpg, I think). It *does*
allow you to install any number of OpenSSL versions side-by-side,
though. If you use brew to install multiple OpenSSLs, you'll want to
specify which one you are using when building tcnative. You'll want to
point --with-ssl at /usr/local/Cellar/openssl/[version]
Current version of OpenSSL available through Brew is 1.0.2d.
> * apr 1.4.0+ (latest version is 1.5.2)
> build apr 1.5.2 from scratch if not installed:
> download source code from https://apr.apache.org/download.cgi
> tar -xf apr-1.5.2.tar.gz
> cd apr-1.5.2
> ./configure
> make
> (sudo) make install
> * tomcat native 1.2.2 (require apr 1.4.0+)
> For Windows:
> please download the binary release from
> http://tomcat.apache.org/download-native.cgi
> or build from source code(not tried yet)
>
> For Unix/Mac OSX
> download the source code from: http://tomcat.apache.org/download-native.cgi
> tar -xf tomcat-native-1.2.2-src.tar.gz
> cd tomcat-native-1.2.2-src/native
> ./configure --with-apr=/path/to/apr --with-ssl=/path/to/openssl
> make
> (sudo) make install
>
> * Genearte self-signed certificate:
> /path/to/openssl req -x509 -newkey rsa:2048 -keyout /var/tmp/private-key.pem
> -out /var/tmp/cert.pem -days 365
> (with passphrase: tomcat)
>
> Tomcat side configurations(APR connector)
> 1. configure setenv.sh
> CATALINA_OPTS="$CATALINA_OPTS -Djava.library.path=/path/to/your/tcnative/lib"
> 2. configure server.xml
> <Connector port="8443"
> protocol="org.apache.coyote.http11.Http11Nio2Protocol"
> maxThreads="150" SSLEnabled="true">
> <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
> <SSLHostConfig honorCipherOrder="false" >
> <Certificate certificateKeyFile="/var/tmp/private-key.pem"
> certificateFile="/var/tmp/cert.pem"
> certificateKeyPassword="tomcat"
> type="RSA" />
> </SSLHostConfig>
> </Connector>
> 3. start tomcat
> 4. visit https://localhost:8443/examples/servlets/serverpush/simpleimage
> You should see the image if everything is all right.
>
> Tomcat side configurations(NIO/NIO2 connector, take NIO2 as an example)
> 1. configure server.xml
> <Connector port="8443" protocol="org.apache.coyote.http11.Http11Nio2Protocol"
>
> sslImplementationName="org.apache.tomcat.util.net.openssl.OpenSSLImplementation"
> maxThreads="150" SSLEnabled="true">
> <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
> <SSLHostConfig honorCipherOrder="false" >
> <Certificate certificateKeyFile="/var/tmp/private-key.pem"
> certificateFile="/var/tmp/cert.pem"
> certificateKeyPassword="tomcat"
> type="RSA" />
> </SSLHostConfig>
> </Connector>
> 2. start tomcat
> 3. visit https://localhost:8443/examples/servlets/serverpush/simpleimage
> You should see the image if everything is all right.
>
> NOTES:
> * HTTP/2 is not supported for non-secured protocol currently.
I'm no expert, but I thought that h2c was supported.
> * HTTP/2 is not supported for JSSE implementation currently.
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
