httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Max Meyer <redeemerofsouls...@web.de>
Subject Re: [users@httpd] Apache HTTP2 and benchmarking with h2load
Date Thu, 25 Aug 2016 13:27:49 GMT
Hi Stefan,

thanks for your answer.

I did what you suggested. Here is the error.log

-------

[Thu Aug 25 15:19:43.850756 2016] [ssl:info] [pid 4275] AH01887: Init: 
Initializing (virtual) servers for SSL
[Thu Aug 25 15:19:43.850825 2016] [ssl:info] [pid 4275] AH01914: 
Configuring server localhost:443 for SSL protocol
[Thu Aug 25 15:19:43.851048 2016] [ssl:debug] [pid 4275] 
ssl_engine_init.c(413): AH01893: Configuring TLS extension handling
[Thu Aug 25 15:19:43.851269 2016] [ssl:warn] [pid 4275] AH01906: 
localhost:443:0 server certificate is a CA certificate 
(BasicConstraints: CA == TRUE !?)
[Thu Aug 25 15:19:43.851322 2016] [ssl:debug] [pid 4275] 
ssl_util_ssl.c(443): AH02412: [localhost:443] Cert does not match for 
name 'localhost' [subject: O=Internet Widgits Pty Ltd,ST=Some-State,C=AU 
/ issuer: O=Internet Widgits Pty Ltd,ST=Some-State,C=AU / serial: 
DF104C2A1DF0EF15 / notbefore: Jun 13 13:48:30 2016 GMT / notafter: Jun 
13 13:48:30 2017 GMT]
[Thu Aug 25 15:19:43.851331 2016] [ssl:warn] [pid 4275] AH01909: 
localhost:443:0 server certificate does NOT include an ID which matches 
the server name
[Thu Aug 25 15:19:43.851337 2016] [ssl:info] [pid 4275] AH02568: 
Certificate and private key localhost:443:0 configured from 
/etc/ssl/server.crt and /etc/ssl/private.key
[Thu Aug 25 15:19:43.851433 2016] [ssl:info] [pid 4275] AH01876: 
mod_ssl/2.4.23 compiled against Server: Apache/2.4.23, Library: 
OpenSSL/1.0.2h
[Thu Aug 25 15:19:43.851458 2016] [http2:debug] [pid 4275] 
mod_http2.c(101): AH03089: initializing post config dry run
[Thu Aug 25 15:19:43.872030 2016] [ssl:info] [pid 4276] AH01887: Init: 
Initializing (virtual) servers for SSL
[Thu Aug 25 15:19:43.872060 2016] [ssl:info] [pid 4276] AH01914: 
Configuring server localhost:443 for SSL protocol
[Thu Aug 25 15:19:43.872306 2016] [ssl:debug] [pid 4276] 
ssl_engine_init.c(413): AH01893: Configuring TLS extension handling
[Thu Aug 25 15:19:43.872593 2016] [ssl:warn] [pid 4276] AH01906: 
localhost:443:0 server certificate is a CA certificate 
(BasicConstraints: CA == TRUE !?)
[Thu Aug 25 15:19:43.872648 2016] [ssl:debug] [pid 4276] 
ssl_util_ssl.c(443): AH02412: [localhost:443] Cert does not match for 
name 'localhost' [subject: O=Internet Widgits Pty Ltd,ST=Some-State,C=AU 
/ issuer: O=Internet Widgits Pty Ltd,ST=Some-State,C=AU / serial: 
DF104C2A1DF0EF15 / notbefore: Jun 13 13:48:30 2016 GMT / notafter: Jun 
13 13:48:30 2017 GMT]
[Thu Aug 25 15:19:43.872658 2016] [ssl:warn] [pid 4276] AH01909: 
localhost:443:0 server certificate does NOT include an ID which matches 
the server name
[Thu Aug 25 15:19:43.872664 2016] [ssl:info] [pid 4276] AH02568: 
Certificate and private key localhost:443:0 configured from 
/etc/ssl/server.crt and /etc/ssl/private.key
[Thu Aug 25 15:19:43.872768 2016] [ssl:info] [pid 4276] AH01876: 
mod_ssl/2.4.23 compiled against Server: Apache/2.4.23, Library: 
OpenSSL/1.0.2h
[Thu Aug 25 15:19:43.872802 2016] [http2:info] [pid 4276] AH03090: 
mod_http2 (v1.5.11, feats=CHPRIO+SHA256, nghttp2 1.12.0-DEV), 
initializing...
[Thu Aug 25 15:19:43.895209 2016] [mpm_prefork:notice] [pid 4276] 
AH00163: Apache/2.4.23 (Ubuntu) OpenSSL/1.0.2h PHP/5.5.9-1ubuntu4.19 
configured -- resuming normal operations
[Thu Aug 25 15:19:43.895278 2016] [core:notice] [pid 4276] AH00094: 
Command line: '/usr/sbin/apache2'
[Thu Aug 25 15:19:43.895286 2016] [core:debug] [pid 4276] log.c(1546): 
AH02639: Using SO_REUSEPORT: yes (1)
------

Am 25.08.2016 um 15:06 schrieb Stefan Eissing:
> If you add something like
>
>      LogLevel http2:debug
>      LogLevel ssl:debug
>      LogLevel core:debug
>
> you should find information about negotiation in your error.log. Strange
> that Firefox works and h2load does not. I use the later regularly in my tests.
>
> Looking forward to see some log output...
>
>> Am 25.08.2016 um 14:58 schrieb Max Meyer <redeemerofsouls666@web.de>:
>>
>> I am trying to do some benchmarking on different HTTP/2 webservers using "h2load"
from nghttp2.org.
>>
>> I configured Apache with HTTP/2 and in wireshark I can see HTTP/2 traffic when connecting
with a browser like firefox.
>> When I use h2load it falls back to HTTP/1.1 claiming the server does not support
NPN/ALPN.
>> --------------
>> Example:
>>
>> h2load -c1 -n1024 -m1024 myapache
>>
>> starting benchmark...
>> spawning thread #0: 1 total client(s). 1024 total requests
>> TLS Protocol: TLSv1.2
>> Cipher: ECDHE-RSA-AES128-GCM-SHA256
>> No protocol negotiated. Fallback behaviour may be activated
>> Server does not support NPN/ALPN. Falling back to HTTP/1.1.
>> Application protocol: http/1.1
>> ---------------
>>
>> I tested h2load with an nginx installation and there it works fine, so I'm guessing
that it is not a problem on the h2load side.
>>
>> My Apache site configuration looks like this.
>>
>> <IfModule mod_ssl.c>
>>     <VirtualHost _default_:443>
>>         ServerAdmin webmaster@localhost
>>
>>         DocumentRoot /var/www/html
>>         Protocols h2
>>         H2Push on
>>
>>         ErrorLog ${APACHE_LOG_DIR}/error.log
>>         CustomLog ${APACHE_LOG_DIR}/access.log combined
>>
>>         SSLEngine on
>>
>>         SSLCertificateFile    /etc/ssl/server.crt
>>         SSLCertificateKeyFile /etc/ssl/private.key
>>
>>
>>         <FilesMatch "\.(cgi|shtml|phtml|php)$">
>>                 SSLOptions +StdEnvVars
>>         </FilesMatch>
>>         <Directory /usr/lib/cgi-bin>
>>                 SSLOptions +StdEnvVars
>>         </Directory>
>>     </VirtualHost>
>> </IfModule>
>>
>> Apache Version: 2.4.23
>> Openssl: 1.0.2h
>>
>> Does anyone have an idea what might be the problem?
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message