Red Hat Training

A Red Hat training course is available for Red Hat JBoss Web Server

Chapter 7. Enabling HTTP/2 for the Red Hat JBoss Web Server

The Hypertext Transfer Protocols are standard methods of transmitting data between applications (such as servers and browsers) over the internet. HTTP/2 improves on HTTP/1.1 by providing enhancements such as:

  • header compression - reducing the size of the header transmitted by omitting implied information, and
  • multiple requests and responses over a single connection - using binary framing to break down response messages, as opposed to textual framing.

Using HTTP/2 with the Red Hat JBoss Web Server:

  • is supported for encrypted connections over TLS (h2).
  • is not supported for unencrypted connections over TCP (h2c).


  • Root user access (Red Hat Enterprise Linux and Solaris systems), or
  • Administrative access (Windows Server).
  • Red Hat JBoss Web Server 5.0 or higher
  • The following operating system native libraries (provided by jws-application-server-5.0.0-<platform>-<architecture>.zip where available).

    • Tomcat Native, for example:

    • Apache Portable Runtime (APR):


      Where the APR libraries are provided by jws-application-server-5.0.0-<platform>-<architecture>.zip for Red Hat Enterprise Linux, the libraries will be a symbolic link to:

    • OpenSSL, for example:


      Where the OpenSSL libraries are provided by jws-application-server-5.0.0-<platform>-<architecture>.zip for Red Hat Enterprise Linux, the libraries will be symbolic links to:

  • A connector that supports the HTTP/2 protocol with SSL enabled. For JBoss Web Server 5.0, the connectors with HTTP/2 protocol support are:

    • The APR Native connector (APR)
    • The NIO connector with JSSE + OpenSSL (JSSE)
    • The NIO2 connector with JSSE + OpenSSL (JSSE)


Enable HTTP/2 for a connector:

  1. Add the HTTP/2 upgrade protocol (<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />) to the connector in the server configuration JWS_HOME/tomcat/conf/server.xml.

    For example:

    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="150" SSLEnabled="true">
        <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
            <Certificate certificateKeystoreFile="/KeyStore.jks"
                         type="RSA" />

    server.xml contains an example connector definition for the APR protocol with the upgrade protocol to HTTP/2:

    <Connector port="8443"
               maxThreads="150" SSLEnabled="true" >
        <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
            <Certificate certificateKeyFile="conf/localhost-rsa-key.pem"
                         type="RSA" />
  2. Restart the Red Hat JBoss Web Server as the root user, to apply the changed configuration.

    1. For SysV (Red Hat Enterprise Linux 6) users:

      # service jws5-tomcat restart
    2. For systemd (Red Hat Enterprise Linux 7) users:

      # systemctl restart jws5-tomcat.service
    3. For Red Hat Enterprise Linux users running Red Hat JBoss Web Server using

      # JWS_HOME/sbin/
      # JWS_HOME/sbin/
    4. For Solaris users:

      # sh JWS_HOME/tomcat/bin/ stop
      # sh JWS_HOME/tomcat/bin/ start
    5. For Windows Server users:

      # net restart tomcat9

Next Steps

Verify that HTTP/2 is enabled by reviewing the Red Hat JBoss Web Server logs or by using the curl command:

  • Check the console output log (JWS_HOME/tomcat/logs/catalina.out) to verify that the "connector has been configured to support negotiation to [h2]":

    $ cat JWS_HOME/tomcat/logs/catalina.out | grep 'h2'
    06-Apr-2018 04:49:26.201 INFO [main] org.apache.coyote.http11.AbstractHttp11Protocol.configureUpgradeProtocol The ["https-openssl-apr-8443"] connector has been configured to support negotiation to [h2] via ALPN
  • Or verify using curl (for versions of curl that support HTTP2):


    To check curl for HTTP/2 support:

    $ curl -V
    curl 7.55.1 (x86_64-redhat-linux-gnu) ...
    Release-Date: 2017-08-14
    Protocols: dict file ftp ftps gopher http https ...
    Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets HTTPS-proxy Metalink PSL
    • For example, when the HTTP/2 protocol is inactive:

      $ curl -I http://<JBoss_Web_Server>:8080/
      HTTP/1.1 200
    • But if the HTTP/2 protocol is active, curl returns:

      $ curl -I https://<JBoss_Web_Server>:8443/
      HTTP/2 200

      Where <JBoss_Web_Server> is the URI of the modified connector (such as, and the port number is dependent on your configuration.

Additional Resources