andybalholm / redwood

Web content filter that runs as an HTTP proxy
BSD 2-Clause "Simplified" License
225 stars 37 forks

HTTP/2 is being used for all bumped HTTP/1.1 servers, which breaks connections and protocol #51

elico closed 4 years ago

elico commented 4 years ago

In my tests now I have a CentOS 7 server which has Cockpit on port 9090. I am using Redwood with ssl-bump for all connections as a plain HTTP proxy. I have trouble accessing the Cockpit web interface, which is based on WebSockets. The basic issue is that the remote host is being bumped blindly into HTTP/2 but the remote server is using HTTP/1.1. For many services it works fine, but for WebSocket (wss://) and a couple of other security features the connection is breaking. I do not remember where I have seen the sources in another project, but it is doable to verify what the remote server's TLS/HTTP support is before forcing the client into HTTP/2.

What do you think @andybalholm?

andybalholm commented 4 years ago

This was changed in commit 009a57e1a0caa19d3c316b42acdd19d2bf586d03. Now Redwood only advertises support for HTTP/2 if the upstream server does.
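An added illustration of the behaviour described in the comment above (not Redwood's code and not taken from that commit): complete the upstream TLS handshake first, see which protocol the server selects via ALPN, and advertise `h2` to the client only if the upstream picked it. The function names and the loopback `httptest` servers are constructed for this example.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// upstreamALPN offers h2 and http/1.1 to addr and returns the server's choice ("" if no ALPN).
func upstreamALPN(addr string, base *tls.Config) (string, error) {
	cfg := base.Clone()
	cfg.NextProtos = []string{"h2", "http/1.1"}
	conn, err := tls.Dial("tcp", addr, cfg)
	if err != nil {
		return "", err
	}
	defer conn.Close()
	return conn.ConnectionState().NegotiatedProtocol, nil
}

// clientFacingProtos is the ALPN list to offer the client: h2 only when the
// upstream selected it, so an HTTP/1.1-only server keeps its Upgrade handshake.
func clientFacingProtos(upstream string) []string {
	if upstream == "h2" {
		return []string{"h2", "http/1.1"}
	}
	return []string{"http/1.1"}
}

// protosFor probes a constructed loopback TLS server and returns the list to advertise.
func protosFor(upstreamH2 bool) ([]string, error) {
	srv := httptest.NewUnstartedServer(http.NotFoundHandler())
	srv.EnableHTTP2 = upstreamH2 // false: the test server offers http/1.1 only
	srv.StartTLS()
	defer srv.Close()
	// Reuse the test client's TLS config so the server certificate is verified.
	trust := srv.Client().Transport.(*http.Transport).TLSClientConfig
	alpn, err := upstreamALPN(srv.Listener.Addr().String(), trust)
	if err != nil {
		return nil, err
	}
	return clientFacingProtos(alpn), nil
}

func main() {
	for _, h2 := range []bool{false, true} {
		fmt.Println(protosFor(h2))
	}
}
```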

andybalholm commented 4 years ago

@thinkwelltwd mentioned another websocket issue to me. Maybe that's actually what you're running into. Redwood's wss:// support works fine with gorilla/websocket, but when the server is running Centrifugo it has authentication issues.