本文介绍了在Spring Boot中使用Tomcat启用http2的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

Tomcat 8.5 ,这将是 Spring Boot 1.4 中的默认值,(将于明天发布)支持 http2

Tomcat 8.5, which will be the default in Spring Boot 1.4, (to be released tomorrow) supports http2.

怎样才能在 http2 中启用 Spring Boot 申请?

How can http2 be enabled in a Spring Boot application?

推荐答案

最优雅,最佳表现方式启用 HTTP / 2 ,其中包含一个Spring Boot应用程序。

The most elegant and best-performing way to enable HTTP/2 with a Spring Boot application follows here.

首先,正如Andy Wilkinson的答案所述,你需要在Tomcat级别启用HTTP / 2:

First, as mentioned in Andy Wilkinson's answer, you need to enable HTTP/2 at Tomcat level:

@Bean
public EmbeddedServletContainerCustomizer tomcatCustomizer() {
    return (container) -> {
        if (container instanceof TomcatEmbeddedServletContainerFactory) {
            ((TomcatEmbeddedServletContainerFactory) container)
                    .addConnectorCustomizers((connector) -> {
                connector.addUpgradeProtocol(new Http2Protocol());
            });
        }
    };
}

如果你没有使用嵌入式Tomcat,你可以设置HTTP / 2听起来像这样:

In case you are not using an embedded Tomcat, you can set up HTTP/2 listening like this:

<Connector port="5080" protocol="HTTP/1.1" connectionTimeout="20000">
    <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
</Connector>

请记住,您需要Tomcat> = 8.5。

然后,你应该在Tomcat面前使用 HAProxy (版本> = 1.7)来照顾加密。

Then, you should use HAProxy (version >= 1.7) in front of Tomcat to take care of encryption.

客户端将对HAProxy说https,而HAProxy将根据客户端的要求向后端发出明文HTTP / 1.1或HTTP / 2。
没有不必要的协议翻译。

The client will speak https to HAProxy, and HAProxy will speak cleartext HTTP/1.1 or HTTP/2 to the backend, as the client requested.There will be no unnecessary protocol translations.

匹配的HAProxy配置在这里:

The matching HAProxy-configuration is here:

# Create PEM: cat cert.crt cert.key ca.crt > /etc/ssl/certs/cert.pem

global
    tune.ssl.default-dh-param 2048
    ssl-default-bind-options no-sslv3 no-tls-tickets force-tlsv12
    ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
    chroot /var/lib/haproxy
    user haproxy
    group haproxy

defaults
    timeout connect 10000ms
    timeout client 60000ms
    timeout server 60000ms

frontend fe_https
    mode tcp
    rspadd Strict-Transport-Security:\ max-age=31536000;\ includeSubDomains;\ preload
    rspadd X-Frame-Options:\ DENY
    bind *:443 ssl crt /etc/ssl/certs/cert.pem alpn h2,http/1.1
    default_backend be_http

backend be_http
    mode tcp
    server domain 127.0.0.1:8080
    compression algo gzip
    compression type text/html text/css text/javascript application/json

这篇关于在Spring Boot中使用Tomcat启用http2的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

09-06 00:30