How to Enable HTTP/2 in Nginx

Hypertext Transfer Protocol Version 2 (HTTP/2) is the latest version of the HTTP protocol, published as an IETF standard in RFC 7540 in 2015. The focus of the protocol is on performance; specifically, end-user perceived latency, network and server resource usage. One major goal is to allow the use of a single connection from browsers to a Web site. The protocol is backward compatible, so HTTP methods, status codes and semantics are the same as for previous versions of the protocol. Nginx has HTTP/2 support since version 1.9.5.  In this tutorial, I'm going to assume that you already have a working TLS configuration, and that you have required Nginx version installed on your Linux distribution of choice, and that you know how to use Let's Encrypt, or you know how to issue a self-signed certificate. 

Requirements

To enable HTTP/2 in Nginx you will need to fulfill the following requirements:

  • Nginx version 1.9.5 or greater. You can check your Nginx version by running (nginx -v) command.
  • OpenSSL version 1.0.2 or greater. You can check your OpenSSL version by running (OpenSSL version) command or installing the latest OpenSSL.
  • SSL/TLS certificate from Let's Encrypt or a self-signed certificate.
  • TLS 1.2 or higher protocol enabled. Otherwise, you will not be able to use HTTP/2. Implementations of HTTP/2 must use TLS version 1.2 or higher for HTTP/2 over TLS.

Enable HTTP/2 in Nginx

To enable HTTP/2 in Nginx, we have to add the http2 parameter to the listen directive in our virtual host:

listen 443 ssl http2;

And reload your Nginx configuration:

sudo systemctl reload nginx.service

Here is the minimal virtual server configuration that can be used to enable HTTP/2 in some virtual host:

server {

listen 443 ssl http2;
listen [::]:443 ssl http2;

server_name example.com;
root /path/to/public;

ssl_certificate /path/to/certificate.crt;
ssl_certificate_key /path/to/private.key;

ssl_protocols TLSv1.2;

}

To check if your server supports HTTP/2, you can use your browser dev tools or Nginx log files. The below is a screenshot from Google Chrome browser that shows HTTP/2 in action on https://example.com domain.

You can also use Nginx $http2 embedded variable to see negotiated protocol. This variable will log: h2” for HTTP/2 over TLS, “h2c” for HTTP/2 over cleartext TCP, or an empty string otherwise in the Nginx access log if configured to do so.

And that's all there is to enabling HTTP/2 on your Nginx server.

Share this page:

0 Comment(s)