Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
MelVad2016-05-11 12:33:28
Nginx
MelVad, 2016-05-11 12:33:28

How to set up HTTPS and HTTP/2 in Nginx?

Good day!
The task is to configure HTTP2 and HTTPS on the NGINX server.
HTTPS is up and running, but HTTP2 is having trouble, it just doesn't work.
Ubuntu 1404
Nginx 1.10.0
nginx settings

server {
    listen 80;
    server_name www.mysite.com mysite.com;
    rewrite ^ https://mysite.com$request_uri? permanent;
}
server {
    listen      443 ssl http2;
    server_name www.mysitecom mysite.com;
    ssl    on; 
    ssl_certificate      /home/developer/conf/web/ssl.developer.dev.pem;
    ssl_certificate_key  /home/developer/conf/web/ssl.developer.dev.key;
    ssl_dhparam          /home/developer/conf/web/dhparam.pem;
    ssl_prefer_server_ciphers On;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
    ssl_session_timeout 1h;
    ssl_session_cache shared:SSL:10m;
    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 8.8.4.4 8.8.8.8 valid=300s;
    resolver_timeout 10s;
    add_header Strict-Transport-Security max-age=31536000;

    access_log /var/log/nginx/nginx.vhost.access.log; 
    error_log  /var/log/apache2/domains/developer.dev.error.log error;
    location / {
        root    /home/developer/web/developer.dev/public_html;
    }
    location /error/ {
        alias   /home/developer/web/developer.dev/document_errors/;
    }

    location @fallback {
        proxy_pass      http://172.31.1.100:8080;
    }

    location ~ /\.ht    {return 404;}
    location ~ /\.svn/  {return 404;}
    location ~ /\.git/  {return 404;}
    location ~ /\.hg/   {return 404;}
    location ~ /\.bzr/  {return 404;}

    include /home/developer/conf/web/nginx.developer.dev.conf*;
}

Thank you in advance!

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
M
MelVad, 2016-05-11
@MelVad

Found the answer to the question myself.
For http2 to work, nginx requires OpenSSl version 1.0.2 and later.
I have Ubuntu 1404, the latest version they have now is 1.0.1f-1ubuntu2.
On the OpenSLL site, the latest stable version to date, 1.0.2, was released on March 3rd.
Thank you all for your help, issue closed.

Report
A
Anton B, 2016-05-11
@bigton

1. How do you determine that http2 is not working?
2. Does your version of nginx support http2?

Similar questions
L
Leopandro2016-07-16 18:03:04
In what language can this functionality be written? 2Reply
V
Vladimir2018-09-08 07:00:01
How to send all requests to a single file in nginx? 0Reply
H
HoHsi2016-04-12 14:07:42
How to block access to the site by IP for the outside world? 2Reply
F
Fedor Ananin2016-04-15 03:37:47
I get error 413 when uploading a file, what should I do? 1Reply
A
Arman2020-08-11 18:14:47
Is it possible to show directory files by GET parameter? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question