Nginx HTTP/2 module (ALPN) TLS on RHEL 7.*
Dewangga Bachrul Alam
dewanggaba at xtremenitro.org
Mon Sep 28 14:54:36 UTC 2015
Hello!
On 09/28/2015 08:40 PM, rikske at deds.nl wrote:
> Dear,
>
> Does the Nginx HTTP/2 module work on RHEL 7.1 with (ALPN) TLS?
>
> It seems like the HTTP/2 module is enabled by default in your RHEL 7.1
> based rpm and srpm.
>
> Your Nginx website writes about:
>
> "Note that accepting HTTP/2 connections over TLS requires the
> “Application-Layer Protocol Negotiation” (ALPN) TLS extension support,
> which is available only since OpenSSL version 1.0.2. Using the “Next
> Protocol Negotiation” (NPN) TLS extension for this purpose
> (available since OpenSSL version 1.0.1) is not guaranteed. "
>
> RHEL 7.1 is using OpenSSL 1.0.1e. with a whole bunch of patches and
> backports.
>
> Can't find anything in the changelog of RHEL 7.1's OpenSSL about ALPN.
> The only thing i can find is "Support for Application Layer Protocol
> Negotiation (ALPN) has been added." in RHEL's GnuTLS.
Yes, RHEL using openssl 1.0.1e-42. But, I've compiled using openssl
1.0.2d + crypto-policies under centos7. And it was success deployed on
my sandbox
The rpm was compiled on fedora22, and ported to el7 using mock.
https://gitlab.com/antituhan/rpms/tree/master.
$ openssl version
OpenSSL 1.0.2d-fips 9 Jul 2015
$ uname -a
Linux <removed> 3.10.0-229.14.1.el7.x86_64 #1 SMP Tue Sep 15 15:05:51
UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
Enjoy.
>
> Thanks,
>
> Regards,
>
> Rik Ske
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
More information about the nginx
mailing list