HTTP2 in WHM, why not?

These are my install notes from a successful HTTP2 apache compile using WHM 11.52 and EA3. Done and tested on a virtual machine running CentOS 7.2 x64.

Mod ruid2 with Opcache and all the other standard crap.

Don’t ask me for help. I have no idea what I’m doing and just fumbled my way through this, using information others posted on the interwebs to see if I could do it.
(EDIT: If you screw this up, kill the rawopts files and rebuild).

grab and extract latest openssl
./config shared -fPIC --prefix=/opt/ssl --openssldir=/etc/pki/tls
make
make depend
make install
echo “/opt/ssl/lib” >> /etc/ld.so.conf.d/openssl102.conf
ldconfig

grab and extract latest nghttp2

./configure --prefix=/opt/nghttp2 OPENSSL_LIBS=/opt/ssl
make
make install
echo "/opt/nghttp2/lib" >> /etc/ld.so.conf.d/nghttp2.conf
ldconfig

grab and extract latest curl (for testing http2)
./configure \
--prefix=/opt/curl-ssl \
--with-ssl=/opt/ssl \
--enable-http \
--enable-ftp \
LDFLAGS=-L/opt/ssl/lib \
CPPFLAGS=-I/opt/ssl/include \
--with-nghttp2=/opt/nghttp2
make
make install

apache rawopts: /var/cpanel/easy/apache/rawopts/Apache2_4
--enable-http2=static
--with-nghttp2=/opt/nghttp2
--with-ssl=/opt/ssl
LDFLAGS=-L/opt/ssl/lib
CPPFLAGS=-I/opt/ssl/include

nano /usr/local/apache/conf/includes/pre_main_global.conf
and add
Protocols h2 h2c http/1.1

EA3 BUILD

service httpd restart

Test (edit as needed)
/opt/curl-ssl/bin/curl -k -v --http2 http://testsite.??? | less

RESULTS:
Chrome HTTP:
192.168.69.1 - - [20/Jan/2016:16:17:04 -0500] "GET / HTTP/1.1" 200 203 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36"

Chrome HTTPS:
192.168.69.1 - - [20/Jan/2016:16:17:25 -0500] "GET / HTTP/2" 200 203 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36"

Curl:
> HEAD / HTTP/1.1
> Host: HERPDERP
> User-Agent: curl/7.38.0
> Accept: */*
> Connection: Upgrade, HTTP2-Settings
> Upgrade: h2c
> HTTP2-Settings: AAMAAABkAAQAAP__
>
< HTTP/1.1 101 Switching Protocols
< Upgrade: h2c
< Connection: Upgrade
* Received 101
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* TCP_NODELAY set
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
< HTTP/2.0 200

This entry was posted in Tech and tagged , , , , . Bookmark the permalink.

10 Responses to HTTP2 in WHM, why not?

  1. J says:

    Thanks for the guide. I may give it a go. Really glad to see some early adopting.

  2. MK says:

    There’s a slight typo here:
    echo “/opt/ssl/lib” >> /etc/ld.so.conf.d/openssl102.conf

    Should be straight quotes instead.

    And many thanks for this! I was going crazy with all this stuff. These automatically-taking-care-of-everything-for-you systems surely are time-saving. Until they’re not…

    (worked on EA 3.32.14, WHM 56.0, Basic Apache 2.4 config)

  3. TJ says:

    Hopefully someone can help me here…

    root@server [~/nghttp2-1.13.0]# cd /var/cpanel/easy/apache/rawopts/Apache2_4
    -bash: cd: /var/cpanel/easy/apache/rawopts/Apache2_4: No such file or directory
    root@server [~/nghttp2-1.13.0]# cd /var/cpanel/easy/apache/rawopts/
    root@server [/var/cpanel/easy/apache/rawopts]# ls
    ./ ../

    • BOFH says:

      /var/cpanel/easy/apache/rawopts/Apache2_4 is not a directory, it’s a file you must create.

      • TJ says:

        Thanks, but still stuck here.

        root@server [~]# /var/cpanel/easy/apache/rawopts/Apache2_4 –enable-http2=static –with-nghttp2=/opt/nghttp2 –with-ssl=/opt/ssl LDFLAGS=-L/opt/ssl/lib CPPFLAGS=-I/opt/ssl/include
        -bash: /var/cpanel/easy/apache/rawopts/Apache2_4: Permission denied
        root@server [~]# cd /var/cpanel/easy/apache/rawopts/
        root@server [/var/cpanel/easy/apache/rawopts]# ls -lh
        total 8.0K
        drwxr-xr-x 2 root root 4.0K Jul 25 18:23 ./
        drwxr-xr-x 9 root root 4.0K Jul 15 09:23 ../
        -rw-r–r– 1 root root 0 Jul 25 18:23 Apache2_4

        Also, /usr/local/apache/conf/includes/pre_main_global.conf doesn’t exist. Do I just create it?

      • TJ says:

        I might be confused. I added now, the below to the /var/cpanel/easy/apache/rawopts/Apache2_4 file

        –enable-http2=static
        –with-nghttp2=/opt/nghttp2
        –with-ssl=/opt/ssl
        LDFLAGS=-L/opt/ssl/lib
        CPPFLAGS=-I/opt/ssl/include

        root@server [/var/cpanel/easy/apache/rawopts]# service httpd restart

        root@server [/var/cpanel/easy/apache/rawopts]# /opt/curl-ssl/bin/curl -k -v –http2 http://mydomain.com | less
        -bash: /opt/curl-ssl/bin/curl: No such file or directory

    • TJ says:

      Sorry :/ … ok ran the test but doesn’t seem enabled

      root@server [/opt/curl-ssl/bin]# curl -k -v –http2 http://mydomain.com | less
      * Rebuilt URL to: http://mydomain.com/
      % Total % Received % Xferd Average Speed Time Time Time Current
      Dload Upload Total Spent Left Speed
      0 0 0 0 0 0 0 0 –:–:– –:–:– –:–:– 0* Trying 98.159.36.10…
      * Connected to mydomain.com (98.159.36.10) port 80 (#0)
      > GET / HTTP/1.1
      > Host: mydomain.com
      > User-Agent: curl/7.49.1
      > Accept: */*
      > Connection: Upgrade, HTTP2-Settings
      > Upgrade: h2c
      > HTTP2-Settings: AAMAAABkAAQAAP__
      >
      < HTTP/1.1 301 Moved Permanently
      < Date: Mon, 25 Jul 2016 22:33:25 GMT
      < Server: Apache
      < Location: http://www.mydomain.com/
      < Cache-Control: max-age=2592000
      < Expires: Wed, 24 Aug 2016 22:33:25 GMT
      < Content-Length: 233
      < Content-Type: text/html; charset=iso-8859-1
      <
      { [233 bytes data]
      100 233 100 233 0 0 2625 0 –:–:– –:–:– –:–:– 2647
      * Connection #0 to host mydomain.com left intact

      301 Moved Permanently

      Moved Permanently
      The document has moved here.

      Tried this tool too, https://tools.keycdn.com/http2-test says

      Negative! http://www.mydomain.com does not support HTTP/2.0.
      ALPN is not supported.

      • BOFH says:

        This guide is intended for admins who are familiar with the process, so there’s very little hand-holding in the steps.
        If you miss anything, it will not work.

        For example, after editing the rawopts and messing with pre_main_global.conf, the next step is EA3 BUILD (build your profile), which will build apache/php/etc.

  4. Dan says:

    Hello,

    I’ve used this guide to get this working https://vpsineu.com/blog/how-to-setup-http2-in-cpanelwhm-linux-vps-using-easyapache3/

    Not sure what’s the difference but it seems that it did the trick. Thought I would share it here

    Thanks

Leave a Reply

Your email address will not be published.