HTTP-2.0 Configuration of Nginx Learning

Source: Internet
Author: User
Tags openssl openssl version

Oops, accidentally own blog is also http/2.0, a period of time on the site of the HTTPS migration and on the CDN, the final result is this jiangzi (key small green locks, security signs and http/2.0 requests).


With the rapid development of the Internet, the http1.x protocol has developed rapidly, but when a page contains dozens of requests, the limitations of the http1.x protocol are exposed: each request and response requires a separate link to make the request (the connection field solves some of the problem), Waste of resources. Each request and response needs to add complete header information, and the application data transfer is less efficient. By default, encryption is not performed, and data is easily monitored and tampered with during transmission.

The HTTP/2 agreement was released in the official version on May 14, 2015. HTTP2 was born to solve the problem that http1.x exposed.

Speaking of HTTP2 had to mention Spdy.
Due to http1.x exposure, Google has designed a new protocol called Spdy. Spdy introduces a new logic layer in the TCP layer and HTTP layer of the five-tier protocol stack to improve efficiency. The spdy is an intermediate layer that is well compatible with the HTTP layer and does not need to modify the HTTP layer to improve the speed of application data transfer.
Spdy through multiplexing technology, the client and server only need to maintain a link to multiple data interaction, improve communication efficiency.
And HTTP2 Pence was developed based on the idea of Spdy.
By introducing the concept of flow and frame, we inherit the multiplexing of spdy and add some practical features.

What are the characteristics of HTTP2? The HTTP2 features not only address the above-mentioned issues, but also some features that make the HTTP protocol more usable. Multiplexing

The use of multiplexing allows for delayed reductions.
Each Frame Header has a Stream ID that is used to implement the feature. Each request/response uses a different Stream ID. Just like the packets on the same TCP link are ip:port to identify where the packets go. With the Stream ID, all requests and responses can be happily run on a TCP link at the same time.
When a stream is concurrent, it involves the priority and dependency of the stream. Streams with high priority are sent preferentially. Picture requests are prioritized less than CSS and SCRIPT, and this design ensures that important things can be loaded first.
It is straightforward to say that all requests are done concurrently through a TCP connection. http/1.x Although the pipeline can also be requested concurrently, but the response between multiple requests will be blocked, so pipeline has not been popularized, and HTTP/2 to achieve real concurrent requests, while the stream also supports priority and flow control. Compression Header information

HTTP/2 uses HPACK to compress the message header, which can save the traffic of the network that the message header occupies. and http/1.x each request, will carry a large number of redundant head information, wasting a lot of bandwidth resources. Header compression is a good solution to this problem. transferring data in binary format

The HTTP/2 transmits data in a binary format. Binary format brings more advantages and possibilities in protocol parsing and optimization expansion. support for service-side push messages to clients

When the server needs to proactively push a resource, a frame of Type push_promise is sent with a new Stream ID with push required. This means telling the client: Next I'll send you something with this ID, and the client is ready to go. When the client parses a Frame, it discovers that it is a push_promise type and prepares to receive the stream to be pushed by the server.
This allows the server to push resources to the client faster. For example, the server can actively push JS and CSS files to the client, without the need for the client to parse HTML and send these requests. When the client needs it, it is already on the client.

It is also important to note that HTTP2 is currently used in the actual use, only for the HTTPS protocol scenario, through the handshake phase ClientHello and Serverhello extension field negotiation, so the current HTTP2 usage scenarios, are the default security encryption. Nginx enable HTTP/2 support Precautions

Linux checks the OpenSSL version version, the current version is 1.0.1e, and if HTTP2 does not take effect it may be an issue with OpenSSL.

Nginx is after 1.9.5 support HTTP/2, the lower version please upgrade first. New HTTP/2 Module

Since the previously installed Nginx is not configured Http_v2_module, all to recompile, remember not to perform the installation operation.

Switch to the Nginx source directory to do the following operations, Pcre and Zlib is the blogger's own installation directory.

./configure--prefix=/usr/local/nginx--sbin-path=/usr/local/nginx/nginx--conf-path=/usr/local/nginx/nginx.conf- -pid-path=/usr/local/nginx/  --with-http_v2_module  

And then perform the compilation


After successful execution, the source directory will generate a Objs folder, the inside of the Nginx copy Nginx to the specified installation directory.

Cp/home/tools/nginx-1.10.3/objs/nginx  /usr/local/nginx

Re-start Nginx

Check if the installation is successful and there will be with-http_v2_module in the configuration after success


Finally you only need to add in the configuration

server {

 listen 443 SSL http2;

Verify the site's support for HTTP/2

Method One: Browse the website at the same time browser access verification site to HTTP/2 support, if your site also appears here to explain the configuration success.

Method Two: Online test address:

Certification Level A

Method Three: Google browser download HTTP/2 and SPDY indicator plug-in, after successful installation, browse to open the HTTP2 site, the upper right corner will show Blue Lightning.


In fact, the site before the configuration of http/2.0 is already a small blue lightning, is it because the CDN enabled.

After configuring http/2.0, although the Firefox Web request is http/2.0, the background log (all dynamic requests) is http/1.1.

CDN is using Alibaba cloud service, perhaps Ali's Cdn has already realized http/2.0 technology.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.