[NGINX] from 1.25.1 `listen`'s `http2` parameter is deprecated in favor of the new `http2` directive

toraritte commented 1 year ago

https://ssl-config.mozilla.org/#server=nginx&version=1.25.1&config=intermediate&openssl=3.0.2&guideline=5.7 lists

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
# ...

but it should be

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    http2 on;
# ...

Deprecation notice from http://nginx.org/en/docs/http/ngx_http_core_module.html#listen,

The http2 parameter (1.9.5) configures the port to accept HTTP/2 connections. Normally, for this to work the ssl parameter should be specified as well, but nginx can also be configured to accept HTTP/2 connections without SSL.

The parameter is deprecated, the http2 directive should be used instead.

and following the link to the new http2 directive:

Syntax: http2 on \ off;

http2 off; http, server

This directive appeared in version 1.25.1.
### Tasks

d4rklynk commented 10 months ago

I did a duplicate, see here -> https://github.com/mozilla/ssl-config-generator/pull/207

toraritte commented 10 months ago

Closing as there is already a PR #207 "add http2 directive for nginx" for it. (Thank you @d4rklynk for pointing it out!)

mozilla / ssl-config-generator

[NGINX] from 1.25.1 `listen`'s `http2` parameter is deprecated in favor of the new `http2` directive #210