Jetty 9.3 SSL(TLS)->ALPN->HTTP/2 or HTTP/1.1

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Jetty 9.3 SSL(TLS)->ALPN->HTTP/2 or HTTP/1.1

Danny
This post has NOT been accepted by the mailing list yet.
I would like to ask a question about proper SSL(TLS)->ALPN->HTTP/2 or HTTP/1.1 set-up.

BACKGROUND
---------------
Config info: Jetty 9.3 version jetty-distribution-9.3.0.v20150612 and Java JRE8.

Until now I used HTTP/1.1 with Jetty while focussing on making a Thread-Pool/thread-less waiting and full asynchronous IO Read and Write embedded server with Jetty 9.2. This works fine and from Jetty 9.2 to Jetty 9.3 this apparently became remarkably faster without any changes other then the Jetty upgrade (about 15%).

I now like to upgrade and test HTTP/2 compressed headers and SSL(TLS) encryption combined with ALPN negotiation and also see what impact that would have on the system throughput and performance because that are the only protocols I want/need to support. HTTP/1.1 would only be there for rejecting User Agents that don't support that set-up and to generate one of those "Use one of the following browsers..." type of messages. No SPDY, no NPN, no HTTP versions before 1.1, etc.

MY QUESTION
---------------
From the Jetty 9.3 documentation link http://www.eclipse.org/jetty/documentation/current/alpn-chapter.html this sentence captured my attention:

"The Jetty distribution will automatically enable ALPN when it is needed to by a HTTP/2 connector, so for the most part ALPN is transparent to the average deployer. This section provides the detail required for unusual deployments or developing to the ALPN API."

So, could anyone pls confirm that if I ONLY want to set-up for SSL(TLS)->ALPN-HTTP/2-HTTP/1.1 that it suffices to include Jetty's 9.3 jetty-alpn-server-9.3.0.v20150612.jar  and the SSL(TLS) jetty-security...jar and the HTTP/2 common, hpak and server jar's to my class path in Eclipse on top of those I currently use for HTTP/1.1 only.

Is there some example where such a secure, limited backwards protocol compatibility server is set-up. I figure that with HTTP/2 now SPDY will quickly fade away, NPN is already removed from Jetty and the main browser vendors seem to be committed to make HTTP/1.1 a thing of the past ASAP. So such a SSL(TLS)-ALPN-HTTP/2->PPHM/1.1 combination example could be/become a popular request and such example could avoiding a lot of returning of the same questions.

I saw messages from Greg and Simon about where the host/ports must be set, if or not config files where needed, and other such specific SSL(TLS)-ALPN-HTTP/2->1.1 combination related issues and I am getting confused.

I am looking for the correct connector order, what (host/ports/...) to set via what connector. Staring from the SSL(TLS)-SPDY-HTTP/1.1  example is therefore not an option because for SSL(TLS)-ALPN-HTTP/2->1.1 combinations there seems to be certain way (possibly undocumented yet) to go about it to do it right.

TIA