SPDY Installed but not working?
benseb
nginx-forum at nginx.us
Wed Jul 3 14:19:28 UTC 2013
We have installed Nginx on CentOS 6. This is a new install using Nginx 1.4.1
and OpenSSL 1.0.1e
We then confgured our vhosts to use SPDY, however using a few different
tests, it's showing that SPDY is not enabled?
There are no messages in the logs and it restarts fine?
spdycheck.com:
-----------------------
Missing NPN Extension in SSL/TLS Handshake
Sorry, but this server is not including an NPN Entension during the SSL/TLS
handshake. The NPN Extension is an additional part of the SSL/TLS
ServerHello message which allows web servers to tell browsers they support
additional protocols, like SPDY. SSL/TLS servers that don't use send the NPN
Extension cannot use SPDY because they have no way to tell the browser to
use SPDY instead of HTTP.
ssllabs.com:
-------------------
Next Protocol Negotiation No
Please see config below:
[root at lb-3 ~]# nginx -V
nginx version: nginx/1.4.1
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-3) (GCC)
TLS SNI support enabled
configure arguments: --user=nginx --group=nginx --prefix=/usr/share/nginx
--sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf
--error-log-path=/var/log/nginx/error.log
--http-log-path=/var/log/nginx/access.log
--http-client-body-temp-path=/var/lib/nginx/tmp/client_body
--http-proxy-temp-path=/var/lib/nginx/tmp/proxy
--http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi
--http-uwsgi-temp-path=/var/lib/nginx/tmp/uwsgi
--http-scgi-temp-path=/var/lib/nginx/tmp/scgi --pid-path=/var/run/nginx.pid
--lock-path=/var/lock/subsys/nginx --with-http_ssl_module
--with-http_realip_module --with-http_addition_module
--with-http_xslt_module --with-http_image_filter_module
--with-http_geoip_module --with-http_sub_module --with-http_dav_module
--with-http_flv_module --with-http_gzip_static_module
--with-http_random_index_module --with-http_secure_link_module
--with-http_degradation_module --with-http_stub_status_module
--with-http_perl_module --with-http_mp4_module --with-http_spdy_module
--with-http_gunzip_module --with-mail --with-file-aio --with-mail_ssl_module
--with-ipv6 --with-cc-opt='-O2 -g' --with-cc-opt='-O2 -g'
[root at lb-3 ~]# openssl version
OpenSSL 1.0.1e 11 Feb 2013
[root at lb-3 ~]# which openssl
/usr/bin/openssl
server {
listen 443 ssl spdy;
spdy_headers_comp 5;
ssl_certificate /etc/nginx/certs/xxx;
ssl_certificate_key /etc/nginx/certs/xxx;
server_name www.xxx.com;
...snip...
}
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,240545,240545#msg-240545
More information about the nginx
mailing list