From version 9 onwards, Tomcat has support for HTTP/2 but not the default. Wanting to work with HTTP/2 with Tomcat, we must have some adjustments in its configuration. In this tutorial, I will guide you.
First of all, you have to make sure that you are using Java 9 or above.
Because of only Java 9 and above supporting for Application-Layer Protocol Negotiation (ALPN). ALPN is a Transport Layer Security extension, which allows Tomcat to choose the version of the HTTP protocol that it will work with.
Currently, I have installed Java 9:
The second step we need to do is modify the server.xml file located in the conf directory of Tomcat.
The definition of HTTP/2 is not required to use a secure connection, but browsers implement it with a secure connection, so we will configure HTTP/2 support for Tomcat with HTTPS protocol.
In the previous tutorial, I have shown you how to configure HTTPS for Tomcat, the content of the Tomcat Connector for HTTPS is as follows:
|
1 2 3 4 5 |
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="/Users/Khanh/Documents/tomcat_https" keystorePass="123456" /> |
Now, for HTTP/2 support, we will add a child tag named UpgradeProtocol inside the Connector tag with the following content:
|
1 2 3 4 5 6 7 |
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="/Users/Khanh/Documents/tomcat_https" keystorePass="123456"> <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol"/> </Connector> |
That’s all we need.
To check the results, just visit https://localhost:8443/. If you are using Chrome, right click on the site, select Inspect, then select the Network tab. Refresh the site, you will see the results as follows:
Note the localhost line in the picture, you will see the protocol is h2, which means HTTP/2.
Mike
my server.xml is not working per chrome developer any input would help thanks:
<Connector
port="8380"
SSLEnabled="true"
protocol="org.apache.coyote.http11.Http11NioProtocol"
maxHttpHeaderSize="65536"
connectionTimeout="30000"
enableLookups="false"
URIEncoding="UTF-8"
disableUploadTimeout="true"
server="TIBCO Spotfire Server"
compression="on"
compressibleMimeType="text/html,text/xml,text/plain,text/css,application/json,application/javascript,image/svg+xml,application/xml"
acceptorThreadCount="2"
keepAliveTimeout="30000"
maxKeepAliveRequests="-1"
maxThreads="2000"
scheme="https"
secure="true"
sslProtocol="TLS"
honorCipherOrder="true"
ciphers="TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
KeystoreFile="C:\tibco\tss\11.4.1\tomcat\certs\xxxxxxxxx.pfx
KeystorePass="xxxxxxxxx"
Mike
Missing comments to above server.xml this falls bellow the KeystorePass=”xxxxxxxx”
Subramanian
This is my tomcat configuration. Am still getting only http/1.1 while checking in chrome. Please let me know if you find something wrong with my tomcat config:
Thanks in advance
Khanh Nguyen
I don’t see your tomcat configuration.