Hi Stefan,
thanks for your answer.
I did what you suggested. Here is the error.log
-------
[Thu Aug 25 15:19:43.850756 2016] [ssl:info] [pid 4275] AH01887: Init:
Initializing (virtual) servers for SSL
[Thu Aug 25 15:19:43.850825 2016] [ssl:info] [pid 4275] AH01914:
Configuring server localhost:443 for SSL protocol
[Thu Aug 25 15:19:43.851048 2016] [ssl:debug] [pid 4275]
ssl_engine_init.c(413): AH01893: Configuring TLS extension handling
[Thu Aug 25 15:19:43.851269 2016] [ssl:warn] [pid 4275] AH01906:
localhost:443:0 server certificate is a CA certificate
(BasicConstraints: CA == TRUE !?)
[Thu Aug 25 15:19:43.851322 2016] [ssl:debug] [pid 4275]
ssl_util_ssl.c(443): AH02412: [localhost:443] Cert does not match for
name 'localhost' [subject: O=Internet Widgits Pty Ltd,ST=Some-State,C=AU
/ issuer: O=Internet Widgits Pty Ltd,ST=Some-State,C=AU / serial:
DF104C2A1DF0EF15 / notbefore: Jun 13 13:48:30 2016 GMT / notafter: Jun
13 13:48:30 2017 GMT]
[Thu Aug 25 15:19:43.851331 2016] [ssl:warn] [pid 4275] AH01909:
localhost:443:0 server certificate does NOT include an ID which matches
the server name
[Thu Aug 25 15:19:43.851337 2016] [ssl:info] [pid 4275] AH02568:
Certificate and private key localhost:443:0 configured from
/etc/ssl/server.crt and /etc/ssl/private.key
[Thu Aug 25 15:19:43.851433 2016] [ssl:info] [pid 4275] AH01876:
mod_ssl/2.4.23 compiled against Server: Apache/2.4.23, Library:
OpenSSL/1.0.2h
[Thu Aug 25 15:19:43.851458 2016] [http2:debug] [pid 4275]
mod_http2.c(101): AH03089: initializing post config dry run
[Thu Aug 25 15:19:43.872030 2016] [ssl:info] [pid 4276] AH01887: Init:
Initializing (virtual) servers for SSL
[Thu Aug 25 15:19:43.872060 2016] [ssl:info] [pid 4276] AH01914:
Configuring server localhost:443 for SSL protocol
[Thu Aug 25 15:19:43.872306 2016] [ssl:debug] [pid 4276]
ssl_engine_init.c(413): AH01893: Configuring TLS extension handling
[Thu Aug 25 15:19:43.872593 2016] [ssl:warn] [pid 4276] AH01906:
localhost:443:0 server certificate is a CA certificate
(BasicConstraints: CA == TRUE !?)
[Thu Aug 25 15:19:43.872648 2016] [ssl:debug] [pid 4276]
ssl_util_ssl.c(443): AH02412: [localhost:443] Cert does not match for
name 'localhost' [subject: O=Internet Widgits Pty Ltd,ST=Some-State,C=AU
/ issuer: O=Internet Widgits Pty Ltd,ST=Some-State,C=AU / serial:
DF104C2A1DF0EF15 / notbefore: Jun 13 13:48:30 2016 GMT / notafter: Jun
13 13:48:30 2017 GMT]
[Thu Aug 25 15:19:43.872658 2016] [ssl:warn] [pid 4276] AH01909:
localhost:443:0 server certificate does NOT include an ID which matches
the server name
[Thu Aug 25 15:19:43.872664 2016] [ssl:info] [pid 4276] AH02568:
Certificate and private key localhost:443:0 configured from
/etc/ssl/server.crt and /etc/ssl/private.key
[Thu Aug 25 15:19:43.872768 2016] [ssl:info] [pid 4276] AH01876:
mod_ssl/2.4.23 compiled against Server: Apache/2.4.23, Library:
OpenSSL/1.0.2h
[Thu Aug 25 15:19:43.872802 2016] [http2:info] [pid 4276] AH03090:
mod_http2 (v1.5.11, feats=CHPRIO+SHA256, nghttp2 1.12.0-DEV),
initializing...
[Thu Aug 25 15:19:43.895209 2016] [mpm_prefork:notice] [pid 4276]
AH00163: Apache/2.4.23 (Ubuntu) OpenSSL/1.0.2h PHP/5.5.9-1ubuntu4.19
configured -- resuming normal operations
[Thu Aug 25 15:19:43.895278 2016] [core:notice] [pid 4276] AH00094:
Command line: '/usr/sbin/apache2'
[Thu Aug 25 15:19:43.895286 2016] [core:debug] [pid 4276] log.c(1546):
AH02639: Using SO_REUSEPORT: yes (1)
------
Am 25.08.2016 um 15:06 schrieb Stefan Eissing:
If you add something like
LogLevel http2:debug
LogLevel ssl:debug
LogLevel core:debug
you should find information about negotiation in your error.log. Strange
that Firefox works and h2load does not. I use the later regularly in my tests.
Looking forward to see some log output...
Am 25.08.2016 um 14:58 schrieb Max Meyer <redeemerofsouls...@web.de>:
I am trying to do some benchmarking on different HTTP/2 webservers using
"h2load" from nghttp2.org.
I configured Apache with HTTP/2 and in wireshark I can see HTTP/2 traffic when
connecting with a browser like firefox.
When I use h2load it falls back to HTTP/1.1 claiming the server does not
support NPN/ALPN.
--------------
Example:
h2load -c1 -n1024 -m1024 myapache
starting benchmark...
spawning thread #0: 1 total client(s). 1024 total requests
TLS Protocol: TLSv1.2
Cipher: ECDHE-RSA-AES128-GCM-SHA256
No protocol negotiated. Fallback behaviour may be activated
Server does not support NPN/ALPN. Falling back to HTTP/1.1.
Application protocol: http/1.1
---------------
I tested h2load with an nginx installation and there it works fine, so I'm
guessing that it is not a problem on the h2load side.
My Apache site configuration looks like this.
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
Protocols h2
H2Push on
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/server.crt
SSLCertificateKeyFile /etc/ssl/private.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
</IfModule>
Apache Version: 2.4.23
Openssl: 1.0.2h
Does anyone have an idea what might be the problem?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
