We are trying to open HTTP/2 ports on our gateway environment. We are seeing issues when testing where HTTP/1.1 clients are unable to connect. For example, this is from CURL:
$ curl https://<hostname>:7443/hcicurl: (35) error:14077460:SSL routines:SSL23_GET_SERVER_HELLO:reason(1120)
And from within openssl:
$ openssl s_client -connect <hostname>:7443<removed for brevity>---SSL handshake has read 9022 bytes and written 443 bytes---New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384Server public key is 2048 bitSecure Renegotiation IS supportedNo ALPN negotiatedSSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-GCM-SHA384 Session-ID: D600CF4A7E9D69875C5D324C69C673679DA9CEBA419C1A7AE80BA340CB89F0C3 Session-ID-ctx: Master-Key: A8AF2738929DC30E53500D3E38F437387FE20C11345566564F8995C80BECD5522651EDFF8BD7DD6A96F79D4A5F04C750 Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None Start Time: 1680805870 Timeout : 300 (sec) Verify return code: 0 (ok)---GET /hciinvalid_prefaceclosed
Release : 10.1
Presently No backward compatibility
Right now, our listeners support either HTTP/1.1 or HTTP/2, not both at the same time. We have a feature on our backlog to add support for both over the same port