When I deploy a spring boot application on an external tomcat server, do I need to configure HTTP2
on the tomcat server as well my spring boot application? I am a bit confused here about how the communication occurs when I call my spring application deployed inside of Tomcat
via the browser or any other client say, Postman
.
I have enabled HTTP2
on Tomcat and verified the same:
0:0:0:0:0:0:0:1 - - [08/Jan/2023:18:28:44 0530] "GET / HTTP/2.0" 200 11408
0:0:0:0:0:0:0:1 - - [08/Jan/2023:18:28:44 0530] "GET /tomcat.svg HTTP/2.0" 200 68761
0:0:0:0:0:0:0:1 - - [08/Jan/2023:18:28:44 0530] "GET /tomcat.css HTTP/2.0" 200 5895
and I have configured my spring boot application to use HTTP2
as well using the steps mentioned in this
EDIT 1: Spring Boot version - 2.7.2 Tomcat server - 9.0.70
In my server.xml
, I have commented and edited the following Connector
:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="200" SSLEnabled="true">
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
<SSLHostConfig>
<Certificate certificateKeystoreFile="ssl/tomcat.jks"
certificateKeyAlias="tomcat"
certificateKeystorePassword="password"
type="RSA" />
</SSLHostConfig>
</Connector>
which has helped me enable TLS
as well as HTTP2
both on Tomcat. The problem is when I am deploying a spring boot application and making rest calls to that application's RestController
, I am getting HTTP1.1
response. Making calls to Tomcat
webservices is giving correct HTTP2
response.
CodePudding user response:
Tomcat as standalone sever has by default in it's sever.xml
disabled the connector for http 2
.
Spring Boot 2, up to Tomcat 9
If this is a spring boot 2
deployed as war application then this could be using up to Tomcat 9
.
You must find your Tomcat 9 (Server.xml) connector for http2 under the deployed server conf
directory and uncomment this connector, while also providing the necessary certificate files.
You need to uncomment the
<Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol" maxThreads="150" SSLEnabled="true" > <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" /> <SSLHostConfig> <Certificate certificateKeyFile="conf/localhost-rsa-key.pem" certificateFile="conf/localhost-rsa-cert.pem" certificateChainFile="conf/localhost-rsa-chain.pem" type="RSA" /> </SSLHostConfig> </Connector>
Spring Boot 3, Tomcat 10 or later
In case you have a spring boot 3
deployed as war application then this should be using Tomcat 10
or later.
You must find your Tomcat 10 (Server.xml) connector for http2 under the deployed server conf
directory and uncomment while also providing the necessary certificate file.
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true"> <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" /> <SSLHostConfig> <Certificate certificateKeystoreFile="conf/localhost-rsa.jks" type="RSA" /> </SSLHostConfig> </Connector>
CodePudding user response:
I found the solution. While deploying a spring boot application on external tomcat there is no need to specify Server SSL
and HTTP2
parameters in the spring properties file as Tomcat
will handle all the HTTPS
requests. I was trying to mix 2 things.
Configuring the Spring Boot application to support HTTP2 will work if we are deploying using an embedded Tomcat server and I was able to verify that with Chrome browser.
As of writing this post, Postman still doesn't support HTTP2
requests, hence, I was seeing HTTP 1.1
protocol in the Tomcat
access log. The same thing I believe is the issue with curl
request. As my certificate is self-signed, I am using options -k
and -sI
. Maybe that's the reason, I am getting the response :
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Date: Tue, 10 Jan 2023 18:09:29 GMT
when running curl -k -sI https://localhost:8443
. I will figure out why I am getting HTTP 1.1
and update it here.
Sharing this answer to help anyone coming across this question next time.