How to disable HTTP 2.0 for a single website or domain


Article ID: 237394


Updated On:


ProxySG Software - SGOS Advanced Web Security ISG Proxy


As a test or to troubleshoot HTTP 2.0 related issues, how to disable HTTP 2.0 and downgrade the connection to HTTP 1.1 for a single website site/domain on SGOS 7.3.x.x


This is applicable only for SGOS 7.3.x.x or later. HTTP 2.0 is enabled by default on SGOS 7.3.x.x. SGOS 6.7.x.x and earlier versions automatically downgrades to HTTP 1.1


Below CPL can be applied in a CPL layer in VPM or in local policy file to disable HTTP 2.0 for a single site /domain. This will downgrade to http 1.1. With below CPL proxy will check TLS Extension - SNI (server name indication) against the CPL "client.connection.ssl_server_name" and will remove HTTP 2.0 support from ALPN (Application-Layer Protocol Negotiation) TLS extension. 

<proxy> http2.server.request(no)

<proxy> http2.client.accept(no)