trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From 彭勇 <p...@pubyun.com>
Subject Re: http2 support on chrome
Date Sun, 12 Mar 2017 15:18:11 GMT
openssl 1.0.2 will be ready for RHEL 7.4.

i can't find a solution to upgrade openssl for centos 7.3 now, as
openssl is a base library of the system.

https://bugzilla.redhat.com/show_bug.cgi?id=1276310

On Sun, Mar 12, 2017 at 11:11 PM, Reindl Harald <h.reindl@thelounge.net> wrote:
>
>
> Am 12.03.2017 um 15:03 schrieb Masaori Koshiba:
>>
>> Hi Peng,
>>
>> If I remember correctly, Chrome stopped NPN support last year. From your
>> log, your ATS is using NPN only.
>> If you're using OpenSSL, the version could be old. OpenSSL has ALPN
>> support from 1.0.2.
>
>
> and RHEL7 has only 1.0.1
> openssl-1.0.1e-60.el7_3.1.x86_64
>
> that' why we are running Fedora for nearly everything for a deacde now
> because all that LTS stuff becomes way too fast annyoing - it's fine for
> storage devices and routers / firewalls and for hosting legacy crap but
> that's it
>
>>> * NPN, negotiated HTTP2 (h2)
>>> ALPN, server did not agree to a protocol
>
>
> https://www.ssllabs.com/ssltest/
>
>> 2017年3月12日(日) 20:49 彭勇 <ppyy@pubyun.com <mailto:ppyy@pubyun.com>>:
>>
>>     i install 6.2.1 stable version on centos 7.
>>
>>     $ rpm -qa|grep traffic
>>     trafficserver-6.2.1-2.el7.centos.x86_64
>>
>>     yes, curl can works fine with http2. and chrome choose http 1.1.
>>
>>     On Sun, Mar 12, 2017 at 6:40 PM, Reindl Harald
>>     <h.reindl@thelounge.net <mailto:h.reindl@thelounge.net>> wrote:
>>     >
>>     >
>>     > Am 12.03.2017 um 10:55 schrieb 彭勇:
>>     >>
>>     >> i setup a ATS,  then enable ssl and http2.
>>     >>
>>     >> curl shows ATS works fine. and chrome 56 shows it use protocal http
>>     >> 1.1 to connect to ATS. is there any  ALPN / NPN negotiating problem
>>     >> between chrome and ATS?
>>     >>
>>     >> how can i serve http2 for chrome?
>>     >
>>     >
>>     > i doubt that you need anything to do, at least with ATS 7.0 curl
>>     don't need
>>     > any param and choses HTTP2 automatically and so every browser can
>>     do - maybe
>>     > your ATS is just outdated?
>>     >
>>     > [harry@srv-rhsoft:~]$ curl --head https://www.thelounge.net/
>>     > HTTP/2.0 200
>>     > date:Sun, 12 Mar 2017 10:38:55 GMT
>>     > x-dns-prefetch-control:off
>>     > x-content-type-options:nosniff
>>     > x-response-time:D=5111 us
>>     > last-modified:Thu, 03 Sep 2015 09:04:29 GMT
>>     > expires:Sun, 12 Mar 2017 12:38:55 GMT
>>     > cache-control:public, proxy-revalidate
>>     > etag:04ea5ea0c7b43fd2fb3ee18d68b96557
>>     > vary:Accept-Encoding,User-Agent
>>     > content-type:text/html; charset=ISO-8859-1
>>     > age:6
>>     > content-length:11658
>>
>>
>>
>>     --
>>     Peng Yong
>>
>
> --
>
> Reindl Harald
> the lounge interactive design GmbH
> A-1060 Vienna, Hofmühlgasse 17
> CTO / CISO / Software-Development
> m: +43 676 40 221 40
> p: +43 1 595 3999 33
> http://www.thelounge.net/



-- 
Peng Yong

Mime
View raw message