HTTP/2 requires a secure server connection. Although encryption is not a requirement introduced by the HTTP Working Group, all browser support HTTP/2 only if the site is encrypted (using TLS or silmilar protocol).
If your site doesn’t have HTTPS enabled, head over to the previous article explaining how to obtain and install a free HTTPS certificate.
The good news is that most modern browsers already support HTTP/2.
I highly recommend installing the HTTP/2 and SPDY indicator ⚡ Chrome extension. It’s a tiny browser plugin indicating when a site is using one of the modern application protocols.
Installation
Make sure you are running Apache v. 2.4.17 or newer. If you’re on an earlier version you’ll have to upgrade. If you’re running Debian/Ubuntu and the recent version is not available then you’ll need to install a testing apache2 package. As of the date of this article, the current stable release is codenamed jessie. To gain access to newer packages that have not reached the stable status, edit /etc/apt/sources.list and replace all instances of the codename jessie with stretch.
Use apt-get update to retrieve the list of packages and run apt-get install apache2. Confirm the Apache build version by using the following command:
$ apache2 -vConfiguration
The HTTP2 module has to be enabled. Run the command to activate Apache mod_HTTP2.
$ a2enmod http2The final step is to configure Apache by editing config files. I added the following line to /etc/apache2/sites-enabled/default-ssl.conf.
<IfModule http2_module>
ProtocolsHonorOrder On
Protocols h2 http/1.1
</IfModule>Testing
Restart Apache and test if the server is communicating with the browser using the HTTP2 protocol. You want to see the HTTP/2 and SPDY plugin’s icon turn blue.
$ service apache2 restart
Hi, I had not seen the last part of configuration in other guides. Maybe it isn’t required but is nice to have for explicit protocol order? If that is not there, then does the web browser decide which protocol to use first?