Is TLS still a prerequisite for using HTTP/2 on the latest Java and Tomcat? Can I add <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol"/>
to HTTP port 8080 and expect HTTP/2 to work? How to actually test / see that HTTP/2 is actually being used instead of HTTP? Any command line / browswer tool? Thanks.
2 Answers
You can use curl -v --http2 localhost:8080
to check the actions after applying the UpgradeProtocol and restarting Tomcat server.
As the HTTP Connector howto states:
HTTP/2 is support is provided for TLS (h2), non-TLS via HTTP upgrade (h2c) and direct HTTP/2 (h2c) connections. To enable HTTP/2 support for an HTTP connector the following UpgradeProtocol element must be nested within the Connector with a className attribute of
org.apache.coyote.http2.Http2Protocol
.
This suggests TLS is not a requirement. Question still is if your browser supports h2c
upgrade.
Using Firefox, press (F12) to open the developer tools, navigate to Networkanalysis. There you see a table showing several attributes per request. If not present, add the Protocol column which tells you whether HTTP/1, h2c or any other protocol is being used for each request. Chrome also provides protocol information in a similar way:
Simply rightclick a column in the developer tools Netowrk section and you get an overview of all available columns:
Another alternative to debug protocol used by clients is access logging. Simply create a context.xhtml
within the default ROOT
webapp in \apache-tomcat\webapps\ROOT\META-INF\
with this content:
<?xml version="1.0" encoding="UTF-8"?>
<Context>
<Valve className="org.apache.catalina.valves.AccessLogValve"/>
</Context>
After restarting Tomcat and doing some requests you'll find a \apache-tomcat\logs\localhost_access_log.2019-03-12.txt
which exactly states the protocol used for each request:
... - - [12/Mar/2019...] "GET / HTTP/1.1" 200 11488
... - - [12/Mar/2019...] "GET / HTTP/1.1" 200 11488
... - - [12/Mar/2019...] "GET / HTTP/2.0" 200 11468
In my case, both first requests where done using Chrome and Firefox, third request was done using the command curl -v --http2 localhost:8080
you wrote in your other answer.
-
Unfortunately there is no "Protocol" information in the Network tab of chrome debugger tool.– khtehCommented Mar 12, 2019 at 8:56
-
@KokHowTeh Did you try to add it? See the hint + figure in my edit.– SelaronCommented Mar 12, 2019 at 9:04
-
Yes I see it now. However, as I do not configure HTTP/2 with TLS, I only see "h2" in the protocol window as apposed to h2c, which is then followed by http/2+quic/43... I am lost at this part as I thought I should expect to see h2c instead. What do I miss?– khtehCommented Mar 12, 2019 at 9:15
-
1@KokHowTeh just added a third protocol debugging alternative.– SelaronCommented Mar 12, 2019 at 10:08
-
1Just to clarify. I see h2 and http/2+quic/43 when the server redirects to https and served from google sites. Others still use http/1.1 This is in line with the fact that Chrome only supports HTTP/2 with TLS.– khtehCommented Mar 13, 2019 at 8:19