HTTP/1.1 Clients cannot connect to HTTP/2 Port
search cancel

HTTP/1.1 Clients cannot connect to HTTP/2 Port

book

Article ID: 263595

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

We are trying to open HTTP/2 ports on our gateway environment. We are seeing issues when testing where HTTP/1.1 clients are unable to connect. For example, this is from CURL:

$ curl https://<hostname>:7443/hcicurl: (35) error:14077460:SSL routines:SSL23_GET_SERVER_HELLO:reason(1120)

And from within openssl:

$ openssl s_client -connect <hostname>:7443<removed for brevity>---SSL handshake has read 9022 bytes and written 443 bytes---New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384Server public key is 2048 bitSecure Renegotiation IS supportedNo ALPN negotiatedSSL-Session:    Protocol  : TLSv1.2    Cipher    : ECDHE-RSA-AES256-GCM-SHA384    Session-ID: D600CF4A7E9D69875C5D324C69C673679DA9CEBA419C1A7AE80BA340CB89F0C3    Session-ID-ctx:     Master-Key: A8AF2738929DC30E53500D3E38F437387FE20C11345566564F8995C80BECD5522651EDFF8BD7DD6A96F79D4A5F04C750    Key-Arg   : None    PSK identity: None    PSK identity hint: None    SRP username: None    Start Time: 1680805870    Timeout   : 300 (sec)    Verify return code: 0 (ok)---GET /hciinvalid_prefaceclosed

Environment

Release : 10.1

Resolution

Presently No backward compatibility

Right now, our listeners support either HTTP/1.1 or HTTP/2, not both at the same time. We have a feature on our backlog to add support for both over the same port