On a correct installation, you should see
* Connected to greenbytes.de (217.91.35.233) port 443 (#0)
--> * ALPN, offering h2
--> * ALPN, offering http/1.1
* Cipher selection:
ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
in the curl output, followed by a
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
--> * ALPN, server accepted to use h2
* Server certificate:
and if the server does not talk ALPN, you see
--> * ALPN, server did not agree to a protocol
So, your curl is not what it should be. Please take this to the curl mailing
list. If curl outputs the correct debug information and you still see no h2
negotiated, lets continue here.
//Stefan
> Am 30.09.2015 um 13:40 schrieb [email protected]:
>
> https://bz.apache.org/bugzilla/show_bug.cgi?id=58437
>
> --- Comment #22 from Javier Gusano Martinez <[email protected]> ---
> (In reply to Yann Ylavic from comment #19)
>> Capital 'V' is for Version.
>> Your system's curl is probably compiled with your (now removed) system's
>> openssl.
>
> Now it looks that cURL is using right version of Openssl 1.0.2:
>
> $ curl -V
> curl 7.44.0 (x86_64-unknown-linux-gnu) libcurl/7.44.0 OpenSSL/1.0.2d
> zlib/1.2.8
> nghttp2/1.3.2
> Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb
> smbs smtp smtps telnet tftp
> Features: IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets
>
>
> But Apache continues without http2 suport when I use https://
>
>
> curl -v --http2 https://localhost:443
> * Rebuilt URL to: https://localhost:443/
> * Trying 127.0.0.1...
> * Connected to localhost (127.0.0.1) port 443 (#0)
> * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
> * successfully set certificate verify locations:
> * CAfile: /etc/ssl/certs/ca-certificates.crt
> CApath: none
> * TLSv1.2 (OUT), TLS Unknown, Certificate Status (22):
> * TLSv1.2 (OUT), TLS handshake, Client hello (1):
> * TLSv1.2 (IN), TLS handshake, Server hello (2):
> * TLSv1.2 (IN), TLS handshake, Certificate (11):
> * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
> * TLSv1.2 (IN), TLS handshake, Server finished (14):
> * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
> * TLSv1.2 (OUT), TLS change cipher, Client hello (1):
> * TLSv1.2 (OUT), TLS handshake, Finished (20):
> * TLSv1.2 (IN), TLS change cipher, Client hello (1):
> * TLSv1.2 (IN), TLS handshake, Finished (20):
> * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
> * Server certificate:
> * subject: C=ES; ST=Madrid; L=Madrid; O=Telefonica Investigacion y
> Desarrollo; CN=*.bluevia.com
> * start date: 2014-10-06 00:00:00 GMT
> * expire date: 2016-01-05 23:59:59 GMT
> * subjectAltName does not match localhost
> * SSL: no alternative certificate subject name matches target host name
> 'localhost'
> * Closing connection 0
> * TLSv1.2 (OUT), TLS alert, Client hello (1):
> curl: (51) SSL: no alternative certificate subject name matches target host
> name 'localhost'
>
>
> Some idea about what's happening here? :S
>
> --
> You are receiving this mail because:
> You are the assignee for the bug.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [email protected]
> For additional commands, e-mail: [email protected]
>
<green/>bytes GmbH
Hafenweg 16, 48155 Münster, Germany
Phone: +49 251 2807760. Amtsgericht Münster: HRB5782
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
