trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Leif Hedstrom <zw...@apache.org>
Subject Re: http2 support on chrome
Date Sun, 12 Mar 2017 15:21:47 GMT
You can always build your own OpenSSL, installed in a separate directory (don't mess with the
system OpenSSL). And then tell ATS configure to use that tree. That's what most of us do on
the older distros.

-- Leif 


> On Mar 12, 2017, at 9:18 AM, 彭勇 <ppyy@pubyun.com> wrote:
> 
> openssl 1.0.2 will be ready for RHEL 7.4.
> 
> i can't find a solution to upgrade openssl for centos 7.3 now, as
> openssl is a base library of the system.
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=1276310
> 
>> On Sun, Mar 12, 2017 at 11:11 PM, Reindl Harald <h.reindl@thelounge.net> wrote:
>> 
>> 
>>> Am 12.03.2017 um 15:03 schrieb Masaori Koshiba:
>>> 
>>> Hi Peng,
>>> 
>>> If I remember correctly, Chrome stopped NPN support last year. From your
>>> log, your ATS is using NPN only.
>>> If you're using OpenSSL, the version could be old. OpenSSL has ALPN
>>> support from 1.0.2.
>> 
>> 
>> and RHEL7 has only 1.0.1
>> openssl-1.0.1e-60.el7_3.1.x86_64
>> 
>> that' why we are running Fedora for nearly everything for a deacde now
>> because all that LTS stuff becomes way too fast annyoing - it's fine for
>> storage devices and routers / firewalls and for hosting legacy crap but
>> that's it
>> 
>>>> * NPN, negotiated HTTP2 (h2)
>>>> ALPN, server did not agree to a protocol
>> 
>> 
>> https://www.ssllabs.com/ssltest/
>> 
>>> 2017年3月12日(日) 20:49 彭勇 <ppyy@pubyun.com <mailto:ppyy@pubyun.com>>:
>>> 
>>>    i install 6.2.1 stable version on centos 7.
>>> 
>>>    $ rpm -qa|grep traffic
>>>    trafficserver-6.2.1-2.el7.centos.x86_64
>>> 
>>>    yes, curl can works fine with http2. and chrome choose http 1.1.
>>> 
>>>    On Sun, Mar 12, 2017 at 6:40 PM, Reindl Harald
>>>    <h.reindl@thelounge.net <mailto:h.reindl@thelounge.net>> wrote:
>>>> 
>>>> 
>>>>> Am 12.03.2017 um 10:55 schrieb 彭勇:
>>>>> 
>>>>> i setup a ATS,  then enable ssl and http2.
>>>>> 
>>>>> curl shows ATS works fine. and chrome 56 shows it use protocal http
>>>>> 1.1 to connect to ATS. is there any  ALPN / NPN negotiating problem
>>>>> between chrome and ATS?
>>>>> 
>>>>> how can i serve http2 for chrome?
>>>> 
>>>> 
>>>> i doubt that you need anything to do, at least with ATS 7.0 curl
>>>    don't need
>>>> any param and choses HTTP2 automatically and so every browser can
>>>    do - maybe
>>>> your ATS is just outdated?
>>>> 
>>>> [harry@srv-rhsoft:~]$ curl --head https://www.thelounge.net/
>>>> HTTP/2.0 200
>>>> date:Sun, 12 Mar 2017 10:38:55 GMT
>>>> x-dns-prefetch-control:off
>>>> x-content-type-options:nosniff
>>>> x-response-time:D=5111 us
>>>> last-modified:Thu, 03 Sep 2015 09:04:29 GMT
>>>> expires:Sun, 12 Mar 2017 12:38:55 GMT
>>>> cache-control:public, proxy-revalidate
>>>> etag:04ea5ea0c7b43fd2fb3ee18d68b96557
>>>> vary:Accept-Encoding,User-Agent
>>>> content-type:text/html; charset=ISO-8859-1
>>>> age:6
>>>> content-length:11658
>>> 
>>> 
>>> 
>>>    --
>>>    Peng Yong
>>> 
>> 
>> --
>> 
>> Reindl Harald
>> the lounge interactive design GmbH
>> A-1060 Vienna, Hofmühlgasse 17
>> CTO / CISO / Software-Development
>> m: +43 676 40 221 40
>> p: +43 1 595 3999 33
>> http://www.thelounge.net/
> 
> 
> 
> -- 
> Peng Yong


Mime
View raw message