http2模块nginx不起作用

我在nginx中启用http2协议有一些问题.
该网站在Laravel 5上进行了撰写(但我认为这无关紧要).

首先,我升级nginx版本.

Debian ~ # nginx -V
nginx version: nginx/1.10.1
built with OpenSSL 1.0.1e 11 Feb 2013
TLS SNI support enabled
configure arguments: --with-cc-opt='-g -O2 -fstack-protector -- param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wall -DFORTIFY_SOURCE=2 -fstack-protector -D_FORTIFY_SOURCE=2' --with-ld-opt=-Wl,-z,relro --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/var/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_addition_module --with-http_dav_module --with-http_flv_module --with-http_geoip_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_image_filter_module --with-http_mp4_module --with-http_perl_module --with-http_random_index_module --with-http_secure_link_module --with-http_v2_module --with-http_sub_module --with-http_xslt_module --with-mail --with-mail_ssl_module --with-stream --with-stream_ssl_module --with-threads --add-module=/tmp/buildd/nginx-1.10.1/debian/modules/headers-more-nginx-module --add-module=/tmp/buildd/nginx-1.10.1/debian/modules/nginx-auth-pam --add-module=/tmp/buildd/nginx-1.10.1/debian/modules/nginx-cache-purge --add-module=/tmp/buildd/nginx-1.10.1/debian/modules/nginx-dav-ext-module --add-module=/tmp/buildd/nginx-1.10.1/debian/modules/nginx-development-kit --add-module=/tmp/buildd/nginx-1.10.1/debian/modules/nginx-echo --add-module=/tmp/buildd/nginx-1.10.1/debian/modules/ngx-fancyindex --add-module=/tmp/buildd/nginx-1.10.1/debian/modules/nginx-http-push --add-module=/tmp/buildd/nginx-1.10.1/debian/modules/nginx-lua --add-module=/tmp/buildd/nginx-1.10.1/debian/modules/nginx-upload-progress --add-module=/tmp/buildd/nginx-1.10.1/debian/modules/nginx-upstream-fair --add-module=/tmp/buildd/nginx-1.10.1/debian/modules/ngx_http_substitutions_filter_module --add-module=/tmp/buildd/nginx-1.10.1/debian/modules/passenger/src/nginx_module

然后,我添加“ http2”来监听ssl.

server {
    server_name tratata.com www.tratata.com;
    listen 123.123.123.123;
    listen 123.123.123.123:443 ssl http2;

    gzip on;
    gzip_min_length  1100;
    gzip_buffers  4 32k;
    gzip_comp_level 5;
    gzip_types    text/plain application/x-javascript text/xml text/css;
    gzip_vary on;

    ssl_certificate /etc/letsencrypt/live/tratata.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/tratata.com/privkey.pem;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_dhparam /etc/ssl/certs/dhparam.pem;
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:50m;
    ssl_stapling on;
    ssl_stapling_verify on;
    add_header Strict-Transport-Security max-age=15768000;

    resolver 8.8.8.8 8.8.4.4 valid=300s;
    resolver_timeout 5s;

    charset UTF-8;

    root /var/www/tratata.com/public;
    index index.php index.html index.htm;

    location / {
         try_files $uri $uri/ /index.php$is_args$args;
    }

    # pass the PHP scripts to FastCGI server listening on /var/run/php5-fpm.sock
    location ~ \.php${
            try_files $uri /index.php =404;
            fastcgi_pass unix:/var/run/php5-fpm.sock;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            include fastcgi_params;
    }

}

但是,当我在Google Chrome浏览器检查器中检查协议时,在“网络”标签中仍写为http / 1.1,该从哪一方面进行挖掘?

解决方法:

Google Chrome现在坚持要使用HTTP / 2的ALPN,因此您需要使用OpenSSL 1.0.2或更高版本来构建Nginx(大多数平台上尚未提供打包版本的Nginx,因此您可能现在必须手动从源代码安装) .

https://ma.ttias.be/day-google-chrome-disables-http2-nearly-everyone-may-31st-2016/

检查它是否适用于Opera中的HTTP / 2,如果是的话,这就是您的问题.

https://serverfault.com/questions/775298/debian-jessie-nginx-with-openssl-1-0-2-to-use-alpn-rather-than-npn

上一篇:Java10中的HttpRequest.BodyProcessor在哪里


下一篇:如何在PHP中发送HTTP / 2 POST请求