stackoom
  简体   繁体   中英

How do I enable http2 in C# Kestrel web server over plain http?

 原文  2019-11-03 17:47:00       c#/ http

Question

How do I (and is it possible) to enable http2 over plain http in the C# Kestrel web server? All Microsoft documentation indicates that https/TLS is required, but I have services that will be running behind a load-balancer or nginx and as such don't need a second layer of https. The official http2 spec indicates that https is not required.

4 answers

solution1
 9 ACCPTED  2019-11-04 15:45:49

Scenarios to use unencrypted http2 are load balancers, proxies, etc.

You must do three things to use http2 over unencrypted channel.

Setup Kestrel to use http2 on your server:

builder.ConfigureWebHostDefaults((webBuilder) =>
{
    // this will keep your other end points settings such as --urls parameter
    webBuilder.ConfigureKestrel((options) =>
    {
        // trying to use Http1AndHttp2 causes http2 connections to fail with invalid protocol error
        // according to Microsoft dual http version mode not supported in unencrypted scenario: https://docs.microsoft.com/en-us/aspnet/core/grpc/troubleshoot?view=aspnetcore-3.0
        options.ConfigureEndpointDefaults(lo => lo.Protocols = HttpProtocols.Http2);
    });
});

For .net 5+, create your HttpClient instance, then create a message and specify the version:

var request = new HttpRequestMessage(HttpMethod.Get, uri)
{
    Version = HttpVersion.Version20,
    VersionPolicy = HttpVersionPolicy.RequestVersionOrHigher
};

For .net core 3.1 and older, set a flag to enable http2 unencrypted. Then, when you create an HttpClient , specify the version:

AppContext.SetSwitch("System.Net.Http.SocketsHttpHandler.Http2UnencryptedSupport", true);
var client = new HttpClient { BaseAddress = new Uri(baseUrl), DefaultRequestVersion = new Version(2, 0) };

If you need to support both http1 and http2 on a completely unencrypted host, then you will need to listen on two ports, one for each http version. Then your load balancer or proxy would need to handle the http version and direct to the appropriate port.

You won't see http2 on your browser and will likely get a protocol error, so in those cases you can use an http1 protocol directive just for development environment. Not ideal, but it at least lets you test locally.

solution2
 3  2020-02-18 03:26:35

Make sure you are using Microsoft.AspNetCore.WebHost instead of the generic Microsoft.Extensions.Hosting.Host for the CreateDefaultBuilder as you will run into an annoying OpenSslCryptographicException when running dotnet core 3 grpc containers on docker linux instances.

Also, if you are using health checks, be sure to expose it on a different port as illustrated in the below Program.cs snippet:

public static IWebHostBuilder CreateHostBuilder(string[] args) =>
    WebHost.CreateDefaultBuilder(args)
        .ConfigureKestrel(options => {
            //grpc port for http2 connections
            options.ListenAnyIP(xxxx, listenOptions => {
                listenOptions.Protocols = HttpProtocols.Http2;
            });
            //add health check on a separate port instead of Http1AndHttp2 on same port
            options.ListenAnyIP(xxxx, listenOptions => {
                listenOptions.Protocols = HttpProtocols.Http1;
            });
        })
        .UseStartup<Startup>();

solution3
 2  2020-11-05 13:46:54

The easiest way is to use configuration section for Kestrel in appSettings.json.

  "Kestrel": {
    "EndpointDefaults": {
      "Protocols": "Http2"
    }
  },

To turn of SSL, you may want to remove app.UseHsts() , app.UseHttpsRedirections() options from Statup.cs Configure method and expose only Http url.

You can also use Http1AndHttp2 to support both Http1 and Http2 together.

solution4
 1  2020-12-02 11:03:29

In dotnet 5 AppContext.SetSwitch("System.Net.Http.SocketsHttpHandler.Http2UnencryptedSupport", true); is no longer supported.

To allow prior knowledge http/2 you need to configure your HttpRequestMessage:

var request = new HttpRequestMessage(HttpMethod.Get, new Uri("http://localhost/something"))
            {
                Version = HttpVersion.Version20,
                VersionPolicy = HttpVersionPolicy.RequestVersionOrHigher //This allows http/2 unencrypted,
            };

For reference: https://github.com/dotnet/runtime/issues/987

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Protocol Changes from HTTP2 to SPDY for C# WEB API C# mvc web api. Convert json plain text to cipher text over http How do I implement HTTP Streaming by utilising IIS Web Server for my application in C#/ASP.Net? How to create HTTP Web server in C# handling multiple routes? Listening on HTTP and HTTPS? - C#/ASP.NET/Kestrel How do I configure a C# web service client to send HTTP request header and body in parallel? HTTP over C# sockets How do I convert a string into an HTTP Response in C#? How do I generate an http ETag in c#? C# Web Request / Server Unavailable Error / HTTP Headers
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM