Configure Tomcat 9 for HTTP/2
Introduction
One of the most important developments in JavaEE 8 will be support for HTTP/2 (now the official RFC 7540). The Java Community Process JSR369 has been in development for almost 2 years now and the specification leaders Ed Burns and Shing Wai Chan have done a great job in advancing its progress.
At the time of writing three server vendors currently support Servlet 4.0, Apache Tomcat 9.0.0.M4, Jetty 9 and WildFly 10.0.0.Final. Let’s have a look at how to configure Tomcat 9 to support.
The Goal of HTTP/2
The goal of HTTP/2 is to increase the perceived performance of the web browsing experience.
Why Do We Need HTTP/2
A web page has many resources that need to be loaded. In HTTP 1.0 requests for all resources are sent all at once and the server responds to each request. If one of the resources takes time trespond then all other resources are blocked because of head-of-line blocking.
Upgrade From HTTP1.1
Most websites are using HTTP1.1 so how to talk in HTTP/2.
You can use the upgrade header (101 switching protocols) to send h2c to the server, the server will upgrade to h2c (c means clear text). However, there is no h2c in Firefox or Chrome.
What if it is secure? We can use ALPN which is a TLS extension and in the handshake, you send an extension and the server will determine that the communication is h2 and will continue using h2.
Download Tomcat 9
Download the appropriate binary distribution of Tomcat 9 for your system and install by unpacking the bundle. Ensure that you have Java 8 SE installed.
Generate Certificate With OpenSSL
As we have discussed above it is required to configure TLS, for this we need a certificate. If you don’t already have a certificate you can generate one with OpenSSL.
Configure server.xml
One of the changes in Tomcat 9 is that TLS virtual hosting and multiple certificates are supported for a single connector with each virtual host able to support multiple certificates.
Open the conf/server.xml file and make the following configuration changes.
<Connector port="8443"
protocol="org.apache.coyote.http11.Http11AprProtocol"
maxThreads="150" SSLEnabled="true">
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol"/>
<SSLHostConfig honorCipherOrder="false">
<Certificate certificateKeyFile="conf/ca.key"
certificateFile="conf/ca.crt"/>
</SSLHostConfig>
</Connector>
Restart Tomcat.
Tracking HTTP/2 Adoption
The adoption of HTTP/2 can be tracked by searching Shodan for the protocols that servers support. The adoption of HTTP/2 was written about by John Matherly who published an article about its adoption in December 2015. I wrote an article looking at the current adoption of HTTP/2 in April 2016 and the change in its take up over the last four months.
Conclusion
To test the configuration visit https://localhost:8443. If you see the Tomcat home page then you have successfully configured TLS for Tomcat 9. You are now ready to develop using servlet 4.0.
Watch this space for more tutorials about servlet 4.0.
If you are interested in the HTTP/2 specification you might be interested in my HTTP/2 specification tutorial.
Related Articles
HTTP/2 under the hood.: A deep dive into the workings of HTTP/2. Discover the performance benefits that come with the most important change in the HTTP protocol for over a decade.
Apache Ant can be configured to run automatically a task that compiles, deploys and starts Tomcat. I demonstrate how to configure an automatic task in the article: Compile, deploy and launch Tomcat with Ant script.
One of the most valuable configuration files in Tomcat is the server.xml. I have published a blog post of an example configuration: Tomcat server.xml example.
Tomcat is often set up with Apache and mod_jk cluster. In this tutorial, I will demonstrate a common configuration for a small production environment: a single tier, load balanced application server cluster.
Installing Tomcat and Java on Linux can be difficult however if you follow this simple guide you shouldn’t have any problems.
Amazon Web Services (AWS) offers the usage of a free tier for 12 months which allows the installation of Tomcat. It comprises of 14 services and the EC2 service is the most valuable to developers. In my blog post Amazon Free Usage Tier: Installing Tomcat 7 on an EC2 Linux instance I demonstrate how to install and configure Tomcat on an EC2 instance.