A step-by-step guide to setup HTTP2 in Apache Tomcat
Full HTTP2 support is added to the latest version of Tomcat 9.x. HTTP/2 is fast, much faster than HTTP/1.1.
If you directly serve the content to the browser (without going through a web server) from Tomcat then implementing HTTP/2 can drastically reduce the application load time and overall improve the performance. Its recommended testing this in a non-production environment to ensure application behave as expected.
Read this if you are looking to enable in a web server like Apache or Nginx.
Pre-requisite
Tomcat must be secured with SSL/TLS certificate before implementing HTTP2. If you need help with the implementation, then check out this guide.
Implementing HTTP/2 on Tomcat
Note: Take a backup of configuration files before modification so you can restore if something goes wrong.
- Login to Tomcat Server and go the installation folder
- Go to
conffolder - Modify server.xml file using
vior your favorite editor - Add the following in SSL connector
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />Overall, it should look like below.
<Connector port="443" protocol="org.apache.coyote.http11.Http11AprProtocol"
maxThreads="150" SSLEnabled="true" >
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
<SSLHostConfig>
<Certificate certificateKeyFile="conf/key.pem"
certificateFile="conf/cert.pem"
certificateChainFile="conf/chain.pem"
type="RSA" />
</SSLHostConfig>
</Connector>Above are my lab configuration so if you are copying it then don’t forget to adjust the configuration to fit your environment requirement — especially the port if using a custom one and certificate path.
- Restart Tomcat instance by going to bin folder and execute the following scripts
./shutdown.sh
./startup.sh- Check the
catalina.outlog, and you should see the following confirmation that is configured to supporth2
24-Feb-2019 19:43:47.559 INFO [main] org.apache.coyote.http11.AbstractHttp11Protocol.configureUpgradeProtocol The ["https-openssl-apr-443"] connector has been configured to support negotiation to [h2] via ALPNThis means Tomcat is ready to serve requests over HTTP2 protocol.
Testing if Tomcat is serving over H2
How do you know if it is working as expected?
There are multiple ways to test this.
Using Chrome
Useful for testing Intranet applications.
- Launch Google Chrome
- Open Developer Tools by pressing F12
- Go to the network tab
- Access your Tomcat application and pay attention to Protocol column
And, as you can see the requests were served using h2.
Using Logs
Look at access.log file and review the incoming requests.
xx.xxx.xxx.xxx - - [24/Feb/2019:20:59:23 +0000] "GET / HTTP/2.0" 200 11468
xx.xxx.xxx.xxx - - [24/Feb/2019:20:59:23 +0000] "GET /tomcat.css HTTP/2.0" 200 5931
xx.xxx.xxx.xxx - - [24/Feb/2019:20:59:23 +0000] "GET /tomcat.png HTTP/2.0" 200 5103
xx.xxx.xxx.xxx - - [24/Feb/2019:20:59:23 +0000] "GET /bg-button.png HTTP/2.0" 200 713
xx.xxx.xxx.xxx - - [24/Feb/2019:20:59:23 +0000] "GET /bg-upper.png HTTP/2.0" 200 3103
xx.xxx.xxx.xxx - - [24/Feb/2019:20:59:23 +0000] "GET /bg-nav.png HTTP/2.0" 200 1401
xx.xxx.xxx.xxx - - [24/Feb/2019:20:59:23 +0000] "GET /asf-logo-wide.svg HTTP/2.0" 200 27530
xx.xxx.xxx.xxx - - [24/Feb/2019:20:59:23 +0000] "GET /bg-middle.png HTTP/2.0" 200 1918
xx.xxx.xxx.xxx - - [24/Feb/2019:20:59:23 +0000] "GET /favicon.ico HTTP/2.0" 200 21630Do you see HTTP/2.0 is being categorized in every request?
Using Internet-based tools
If your Tomcat application URL is available on the Internet, then you can check against the following tools.
Conclusion
Implementing H2 on Tomcat is straightforward. I would strongly recommend testing your application post implementation to ensure there are no side-effects.
If you are interested in learning Tomcat administration, then check out this online course.
