Works for me with txacme and a lets: cert IIRC, when I was trying to use a self signed cert on my local network I got the ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY error.
DJM On 9 July 2016 at 18:30, Paweł Miech <pawel...@gmail.com> wrote: > Thanks for fixing this. > > Did anyone actually manage to make HTTP2 in Twisted work with > Google-Chrome? I tried to do this today, and it seems this is surprisingly > difficult. It turns out that Chrome requires ALPN and it dropped support > for NPN. ALPN is only supported with OpenSSL 1.0.2 or above, which by > default is not available in most systems. This is discussed here > <https://www.nginx.com/blog/supporting-http2-google-chrome-users/>. I > tried setting up docker image with Ubuntu 16.04 that has required version > of OpenSSL, but it seems that Chrome still doesn't like it. It > returns ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY error and fails to load > page. Looking up this error I found out this might be happening because > some TSL ciphers are blacklisted in HTTP2, there is nice answer about > this here > <https://serverfault.com/questions/712808/chrome-reports-err-spdy-inadequate-transport-security-connecting-to-local-web-se/712838#712838> > it > links to this part of HTTP2 spec > https://http2.github.io/http2-spec/#rfc.section.9.2.2 > > My question is: should user deal with this kind of stuff themselves? If > some ciphers are blacklisted in HTTP2 shouldn't this be handled somewhere > in Twisted? E.g. perhaps there should be some Http2SSLContextFactory? If > you'd like to reproduce this I did some sample repo here: > https://github.com/pawelmhm/sf-books-http2 it contains dockerfile that > builds from Ubuntu 16.04 and runs simple Twisted HTTP 2 resource. > > 2016-07-04 13:48 GMT+02:00 Craig Rodrigues <rodr...@crodrigues.org>: > >> On Sun, Jul 3, 2016 at 3:15 AM, Paweł Miech <pawel...@gmail.com> wrote: >> >>> HTTP2 support sounds really exciting. >>> >>> > Please let me know if you have any issues, as well as if you don't! If >>> everything works well, that's a good thing for me to know :) >>> >>> I played around with this today and found out that the command you >>> recommend: >>> >>> > pip install -U https://twistedmatrix.com/Releases >>> /pre/16.3.0pre2/Twisted-16.3.0rc2.tar.bz2#egg=Twisted[http2,tls] >>> >>> does NOT install dependencies when ran on Python 3, I had to manually >>> install h2 to HTTP2 support to work. It works ok on Python 2. My >>> installation logs on Python 3.4 look like this: >>> >>> >> I think I've fixed that in trunk with this: >> >> https://github.com/twisted/twisted/pull/287 >> >> -- >> Craig >> >> _______________________________________________ >> Twisted-Python mailing list >> Twisted-Python@twistedmatrix.com >> http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python >> >> > > _______________________________________________ > Twisted-Python mailing list > Twisted-Python@twistedmatrix.com > http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python > >
_______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python