TLS over HTTP/2

[imperugo]

Question Description

I would like to expose the server app on HTTP/2 using TLS 1.3. I've tried forcing the H2 protocol on tlsConfig but it is not working.

Code Snippet (optional)

func (s *ticoHost) getTLSConfig() (*tls.Config, error) {

	cert, err := tls.LoadX509KeyPair(s.Config.CertFile, s.Config.KeyFile)

	if err != nil {
		return nil, err
	}

	tlsCert := &tls.Config{
		Certificates: []tls.Certificate{cert},
		MinVersion:   tls.VersionTLS13,
		NextProtos:   []string{"h2"},
	}

	return tlsCert, nil
}

config, err := s.getTLSConfig()

if err != nil {
	log.Fatal(err)
}

ln, err := tls.Listen("tcp", ":"+strconv.Itoa(s.Config.HttpPort), config)
if err != nil {
	panic(err)
}

log.Fatal(s.httpRoutes.Listener(ln))

Checklist:

• I agree to follow Fiber's Code of Conduct.
• I have checked for existing issues that describe my questions prior to opening this one.
• I understand that improperly formatted questions may be closed without explanation.

[welcome]

Thanks for opening your first issue here! 🎉 Be sure to follow the issue template! If you need help or want to chat with us, join us on Discord https://gofiber.io/discord

[ReneWerner87]

Fiber or the one we use as core (fasthttp) does not yet support http2/3
for most api's this is not necessary either

but if you really need http 2/3 you should simply handle and forward this protocol before

possible solutions for this are cloudflare, nginx as proxy or other reverse proxies

Recipe repository
https://github.com/gofiber/recipes

[imperugo]

Hi @ReneWerner87
thanks for the quick answer. I don't think the reverse proxy is a solution. It is just something to say "ok we have http2" but behind the scenes we use http1.

Http 2 brings number of benefits that, for those using the gRPC protocol, turn out to be almost fundamental because it is born to work on http2 and some libraries works only on http2.

• Binary framing protocol for data transport - unlike HTTP 1.1, which is text based.
• Multiplexing support for sending multiple parallel requests over the same connection - HTTP 1.1 limits processing to one request/response message at a time.
• Bidirectional full-duplex communication for sending both client requests and server responses simultaneously.
• Built-in streaming enabling requests and responses to asynchronously stream large data sets.
• Header compression that reduces network usage.

You have created Fiber in order to be super fast, so I'm pretty sure you know how these benefits could help in terms of performance when you are on an high-traffic scenario

I understand that this is not part of your "product" but, in 2023, Http 2.0 cannot not be part of a modern web framework imho.

[ReneWerner87]

http2 is not so trivial and already in development in fasthttp
valyala/fasthttp#144

when it is available in core we will support it too

[imperugo]

Hi @ReneWerner87
what does it mean "when it is available in core" ?

[ReneWerner87]

we use fasthttp as core library for http transfer and handling, if this is available as a feature there and this package makes a release, we trigger an update mechanism and it automatically ends up in the next release