For YUM repo installed OLS 1.3.8 which version fo OpenSSL is used for HTTP/2 support ? OpenSSL 1.0.1 or 1.0.2 ?
I ask as I was doing some HTTP/2 tests for h2o HTTP/2 server so thought I'd test OpenLiteSpeed too and noticed for ALPN TLS extension test (OpenSSL 1.0.2 required) against OLS SSL enabled server it's not showing up as supported ?
check OpenLiteSpeed 1.3.8 SSL server's support for TLS ALPN and NPN extensions on port 8082
ALPN check reports No ALPN negotiated - ALPN is only supported in OpenSSL 1.0.2, so wonder if OpenLiteSpeed 1.3.8 bundled OpenSSL is <1.0.2 ?
NPN check reports that NPN extension is supported = Next protocol: (1) h2-14
I ask as I was doing some HTTP/2 tests for h2o HTTP/2 server so thought I'd test OpenLiteSpeed too and noticed for ALPN TLS extension test (OpenSSL 1.0.2 required) against OLS SSL enabled server it's not showing up as supported ?
- See for HTTP/2 checks for OpenLiteSpeed 1.3.8 at https://community.centminmod.com/threads/google-dropping-spdy-in-favor-of-http-2.2283/#post-11659
- Versus for h2o HTTP/2 checks https://community.centminmod.com/threads/google-dropping-spdy-in-favor-of-http-2.2283/#post-11660
check OpenLiteSpeed 1.3.8 SSL server's support for TLS ALPN and NPN extensions on port 8082
ALPN check reports No ALPN negotiated - ALPN is only supported in OpenSSL 1.0.2, so wonder if OpenLiteSpeed 1.3.8 bundled OpenSSL is <1.0.2 ?
Code:
/opt/h2o_openssl/bin/openssl s_client -alpn h2-14 -host OPENLITESPEEDHOST.centminmod.com -port 8082
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Code:
/opt/h2o_openssl/bin/openssl s_client -nextprotoneg h2-14 -host OPENLITESPEEDHOST.centminmod.com -port 8082
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
Next protocol: (1) h2-14
No ALPN negotiated