Setup Nginx with HTTP/2 Support on Ubuntu 17.04
HTTP/2 is the new version to HTTP/1 which has been the default protocol since it was standardized way back in the year 1999. It has functioned as the defacto protocol since until HTTP/2 (version 2) was standardized.
Major webservers like Apache2, Nginx and others are including HTTP/2 (version 2) support into their builds and making the protocol readily available. This brief tutorial is going to show you how to enable HTTP/2 on Nginx webservers on Ubuntu systems.
Some of the key features of HTTP/2 are:
- Single, persistent connection
- Multiplexing
- Header compression
- Resource prioritization
- Secure transport layer
So, as you can see, there are great benefits for those who upgrade to HTTP/2.
Since HTTP/2 only works with webservers that have SSL/TLS enabled, your first task to getting Nginx to support HTTP/2 is to configure Nginx with SSL/TLS support.
Step 1: Nginx SSL/TLS Support with Self-Signed Certificates
SSL/TLS certificates can be created in two ways.. one is by generating a certificate and signing it yourself.. also know as self-signed certificates or going to a trusted certificate authority (CA) to obtain one. Whether the certificate is self-signed or from a trusted CA, HTTP/2 should work just fine.
For this tutorial, we’re going to be using a self-signed certificate. To get a self-signed cert functioning in Nginx, read our post below:
Step 2: Configuring Nginx with HTTP/2 Support
The tutorial above on setting up Nginx with SSL/TLS support should help you install a self-signed certificate on Nginx web server. Follow Step 1 guide until it’s complete.
When done setting up Nginx with SSL/TLS support, continue with Step 2 to enable HTTP/2. All you need to do to support HTTP/2 after following step 1 is to add the highlighted block of codes in the Nginx site configuration file.
Use the example configuration as shown below to enable HTTP/2.
# HTTPS server server { listen 80; listen [::]:80; server_name example.com; return 301 https://$host$request_uri; } server { listen 443 ssl http2 default_server; listen [::]:443 ssl http2 default_server; server_name example.com; ssl_certificate /etc/nginx/ssl/example.com.crt; ssl_certificate_key /etc/nginx/ssl/example.com.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4; location / { root /var/www/html; index index.html index.htm; } }
Save the changes and you’e done.
Summary:
Again, this post shows you how to enable HTTP/2 (version 2) on Nginx webservers on Ubuntu systems. This post assumes you already have Nginx webserver installed and functioning and that you followed the guide for Step 1 for setting up SSL/TLS support on Nginx.
Once you’ve completed those requirements, HTTP/2 should be functioning on websites powered by Nginx webservers.
You may also like the post below: