HTTP/2 is the next generation version of the HTTP protocol, designed to improve performance, reduce latency and optimize communication efficiency in modern network environments. With Nginx configuration of HTTP/2, it can take advantage of its multiplexing, head compression and traffic priority capabilities to provide users with a faster and safer access experience.
1. Overview of HTTP/2 protocol
/2
HTTP/2 is an upgraded version of the HTTP protocol (RFC 7540) released in 2015. While retaining HTTP core semantics (such as request methods, status codes, URIs and header fields), it fully optimizes the underlying transport mechanism, with the main goals being to improve performance, reduce latency and optimize resource loading.
2. Core features of HTTP/2
Multiplexing:
- Send multiple requests and responses simultaneously on a single TCP connection without establishing a separate connection for each request.
- Eliminates head-on blocking in HTTP/1.1.
Head compression (HPACK):
Compress HTTP headers with efficient binary encoding to reduce the overhead of repeatedly transferring the same header fields.
Stream Prioritization:
Different requests can be assigned priority and the loading order of key resources can be optimized.
Server Push:
The server can actively push resources (such as CSS, JS files) before the client requests.
More secure (usually via HTTPS):
Although HTTP/2 does not encrypt forcefully, mainstream browsers require use via HTTPS.
3. Advantages of HTTP/2
Faster page loading speed.
Higher bandwidth utilization.
Reduces latency and connection overhead.
Improved access experience in mobile network environment.
2. Nginx supports HTTP/2 environment requirements
1. Software version requirements
Nginx version:
- HTTP/2 support is introduced starting from 1.9.5.
- Recommended to use 1.21 or later for the latest optimizations and features.
OpenSSL version:
- When HTTP/2 is enabled, TLS negotiation requires support for ALPN (Application-Layer Protocol Negotiation).
- OpenSSL version must be 1.0.2 or higher.
2. Hardware requirements
Without special hardware requirements, HTTP/2 multiplexing may increase the server's CPU and memory usage.
3. Detailed tutorial on Nginx configuration HTTP/2
Here are the complete steps to configure Nginx to support HTTP/2.
1. Install or upgrade Nginx
Check the current Nginx version
nginx -v
- If the version is lower than 1.9.5, you need to upgrade.
- If the output contains --with-http_v2_module, it means that Nginx currently supports HTTP/2.
- If there is no --with-http_v2_module, it means that Nginx does not currently support HTTP/2. Nginx needs to be reinstalled or compiled.
2. Configure HTTPS
HTTP/2 usually requires HTTPS, so SSL/TLS needs to be configured first.
2.1 Generate a self-signed certificate (for testing only)
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
-keyout /etc/nginx/ssl/ \
-out /etc/nginx/ssl/
2.2 Installing SSL Certificate (production environment)
3. Configure Nginx to support HTTP/2
Edit Nginx configuration files (such as /etc/nginx/ or /etc/nginx//):
Basic configuration
server {
listen 8185 ssl http2;
ssl_protocols TLSv1.3 TLSv1.2; # Use only TLS 1.3 and 1.2 ssl_prefer_server_ciphers off; # Priority to using server-side encryption suites ssl_ciphers ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA
-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384;
ssl_certificate /yourpath/; # Replace certificate file path ssl_certificate_key /yourpath/; # Replace private key file path
# HTTP/2 parameter optimization http2_max_concurrent_streams 128;
large_client_header_buffers 4 32k;
server_name localhost;
root /usr/share/nginx/html/dist/;
#Other configurations # ……
}
listen 8185 ssl http2;:
- This line configuration enables SSL and HTTP/2.
- HTTP/2 will be negotiated through the ALPN protocol by default. If the client does not support HTTP/2, Nginx will automatically fall back to HTTP/1.1 without the need to define the listen directive.
Test ALPN with openssl:
openssl s_client -connect ip:port -alpn h2
If the output contains ALPN protocol: h2, it means that the ALPN negotiation is normal.
4. Verify whether the HTTP/2 configuration is successful
1. Verify using the browser
Open the browser developer tools (F12).
Go to the Network panel.
Check whether the Protocol column appears as h2.
2. Verify using nghttp tool
Install nghttp:
sudo yum install nghttp2 -y # CentOS/RedHat
Run the test:
nghttp -v
If the output contains The negotiated protocol: h2, HTTP/2 is working properly.
5. Frequently Asked Questions and Troubleshooting
1. The client does not support HTTP/2
If the client does not support HTTP/2, Nginx will automatically fall back to HTTP/1.1.
2. ALPN negotiation failed error
Make sure the server uses OpenSSL version (1.0.2 or higher) that supports ALPN.
Check that HTTPS and HTTP/2 are configured correctly.
3. Configuration issues cause the request header to be irregular
Example question:
add_header X-Content-Type-Options: nosniff;
Reason: X-Content-Type-Options: There is a colon in the field name. HTTP/2 requires strict header field format.
Fixed:
add_header X-Content-Type-Options "nosniff";
4. Performance has not improved significantly
Check whether Gzip compression is enabled.
Optimize http2_max_concurrent_streams and keepalive_timeout.
This is the article about this detailed guide on configuring HTTP/2 protocol in Nginx. For more information about configuring HTTP/2 protocol in Nginx, please search for my previous articles or continue browsing the related articles below. I hope everyone will support me in the future!