Haproxy: how to implement http/2-Support in pfsense

treuss · Aug 7, 2016, 4:52 PM

Hi there,

I found an article[1], explaining how to setup haproxy for handling http/2 requests.

Using another Backend in pfsense and the following lines in my https frontend


bind ... alpn h2,http/1.1 ...
...
use_backend http2 if { ssl_fc_alpn -i h2 }

just gave me this error:

Errors found while starting haproxy
[ALERT] 217/145506 (76220) : parsing [/var/etc/haproxy_test/haproxy.cfg:105] : 'bind 46.16.79.179:443' : 'alpn' : library does not support TLS ALPN extension
[ALERT] 217/145506 (76220) : parsing [/var/etc/haproxy_test/haproxy.cfg:173] : error detected while parsing switching rule : unknown fetch method 'ssl_fc_alpn' in ACL expression 'ssl_fc_alpn'.

Is there any way to configure haproxy in pfsense in order to enable http/2?

Our Setup:

pfSense: 2.3.1-RELEASE-p5
haproxy-devel Package 0.49 = haproxy-devel-1.7.d3

Thanks in advance
Thomas

[1]http://m12.io/blog/http-2-with-haproxy-and-nginx-guide

baldy · Oct 21, 2017, 8:14 PM

Hi,

any news here? did you get it running?

doktornotor · Oct 21, 2017, 8:30 PM

Not supported by currently used openssl version.

$ openssl version
OpenSSL 1.0.2k-freebsd  26 Jan 2017

treuss · Oct 23, 2017, 11:59 AM

Not supported by currently used openssl version.

@doktornotor is this still true for v.2.4.0 ?

doktornotor · Oct 23, 2017, 5:51 PM

Yes, you can easily check for yourself.