Reputation: 3976
Tomcat 9.0.16 Java 11 HTTP/2
Is TLS still a prerequisite for using HTTP/2 on the latest Java and Tomcat? Can I add <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol"/> to HTTP port 8080 and expect HTTP/2 to work? How to actually test / see that HTTP/2 is actually being used instead of HTTP? Any command line / browswer tool? Thanks.
Upvotes: 1
Views: 3264
Answers (2)
Reputation: 3976
You can use curl -v --http2 localhost:8080 to check the actions after applying the UpgradeProtocol and restarting Tomcat server.
Upvotes: 2
Reputation: 6184
As the HTTP Connector howto states:
HTTP/2 is support is provided for TLS (h2), non-TLS via HTTP upgrade (h2c) and direct HTTP/2 (h2c) connections. To enable HTTP/2 support for an HTTP connector the following UpgradeProtocol element must be nested within the Connector with a className attribute of
org.apache.coyote.http2.Http2Protocol.
This suggests TLS is not a requirement. Question still is if your browser supports h2c upgrade.
Using Firefox, press (F12) to open the developer tools, navigate to Networkanalysis. There you see a table showing several attributes per request. If not present, add the Protocol column which tells you whether HTTP/1, h2c or any other protocol is being used for each request. Chrome also provides protocol information in a similar way:
Simply rightclick a column in the developer tools Netowrk section and you get an overview of all available columns:
Another alternative to debug protocol used by clients is access logging. Simply create a context.xhtml within the default ROOT webapp in \apache-tomcat\webapps\ROOT\META-INF\ with this content:
<?xml version="1.0" encoding="UTF-8"?>
<Context>
<Valve className="org.apache.catalina.valves.AccessLogValve"/>
</Context>
After restarting Tomcat and doing some requests you'll find a \apache-tomcat\logs\localhost_access_log.2019-03-12.txt which exactly states the protocol used for each request:
... - - [12/Mar/2019...] "GET / HTTP/1.1" 200 11488
... - - [12/Mar/2019...] "GET / HTTP/1.1" 200 11488
... - - [12/Mar/2019...] "GET / HTTP/2.0" 200 11468
In my case, both first requests where done using Chrome and Firefox, third request was done using the command curl -v --http2 localhost:8080 you wrote in your other answer.
Upvotes: 1
Related Questions
- Enable TLS 1.2 only in apache-tomcat-9 and Java 8
- How to enable TLS1.2 for tomcat webserver connections We are using tomcat 7.0.82
- How to enable TLS 1.2 in local Tomcat?
- Tomcat 6 and TLSv1.2 In Java
- Configuring Tomcat with HTTPs
- How to configure Tomcat to use TLS v1.2 in OUTBOUND connections
- SSL Tomcat Configuration
- configure Tomcat to support SSL or https
- Configuring SSL with tomcat
- SSL in Tomcat 7