-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Pierre,
On 1/29/18 7:03 AM, Pierre Chiu wrote:
> According to the change log, this is fixed in in bug 60276.
> However, I cannot make it work.
>
> Gzip compression working fine without the UpgradeProtocol tag.
> Adding UpgradeProtocol for http2 and gzip compression stop
> working.
>
>
> <Connector port="443"
> protocol="org.apache.coyote.http11.Http11AprProtocol"
> SSLEnabled="true" scheme="https" secure="true"
> maxHttpHeaderSize="32767" maxThreads="150" URIEncoding="UTF-8"
> compression="on" useSendfile="off" defaultSSLHostConfigName="*.
> xxxxxxxx.ca"
>
> <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol"
> compression="on"
> compressibleMimeType="text/html,text/xml,text/plain,text/css,text/java
script,application/javascript,application/json,application/xml"
>
>
compressionMinSize="0"
> />
>
> <SSLHostConfig hostName="*.xxxxxxxx.ca"
> disableSessionTickets="true"
> ciphers="TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
> TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,
> TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
> TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
> TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
> TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
> TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
> TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
> TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
> TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
> TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
> TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
> TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
> TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
> TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
> TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
> TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA,
> TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
> TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
> TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
> TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256,
> TLS_EMPTY_RENEGOTIATION_INFO_SCSVF"
>>
> <Certificate CertificateFile="${catalina.home}\conf\ssl\
> xxxxxxxx.ca.crt" CertificateKeyFile="${catalina.home}\conf\ssl\
> xxxxxxxx.ca.pem"
> CertificateChainFile="${catalina.home}\conf\ssl\gd_bundle-g2-g1.crt"
>
>
type="RSA" />
> </SSLHostConfig> </Connector>
What does your request look like? Complete headers are important. What
does the response look like? Only the headers are important.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQJRBAEBCAA7FiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlpvNJQdHGNocmlzQGNo
cmlzdG9waGVyc2NodWx0ei5uZXQACgkQHPApP6U8pFiI3g/+L0hTRObxnmFWwrHV
ryUbfH0EhuyGnUWWf/ZLiCjY3c8jwIqg6YMqgSsId4dMIU+ivhJDMVczJ2ymzGeg
loPBRsrOKwhIEFwvKKCEtVi6t6LCiv9NzMAv68wg/8BaTDJBYLXfl2VJ28onDbaG
7s43F0fqnxtv8tOhL9MT3YVRtosJoY8UeSp18Sl6DuYXVtWbK/Qmi3TMFE6uhEZY
yHAkhu1fsWjfIns/PiVeWf6MK4rqXceW3gcsPC3JM0WA4QGttUfL2il0JD/ZXHtT
4oXvv+lajmFwAVLNOVxOmNBPlPzKh+hBMJMtcjHFHpsET+7aY8kYycVaVlNqLm1t
+mXmzwXbFnuZlyrk3vk+2DWi3LE8Fh2Eej8vUhFWkxbxJcg2CcksMkc6CNahhyn5
wOQWV7jKcfH0PlHALlS589TLMd0RAK1yy8atAQnoGHqH/YEZEE+CKj9O4o19laSE
rueZ8F09GZkz6bMlVqVbZRb9oMEedm28IGjhc4mZurxADr+Uug8zPL60Sxc4EMiL
RRfLi1MMLH206A9/R3qNUZXmN86hyHu3TArpvaonoGQqO98ZPKWIc1VYKxJD3OZb
TYeWHfIRWQGn/wVNgxUhAQw+RYvsif0tSlvCaXpC8NpuSCzhO+VxVplJ5l9vyXTj
eY1BiUNphjOdRtsBTbhSk18NtnQ=
=sxAm
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
