New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for TLS ALPN #223
Comments
Comment by ktoso Jetty's docs on the ALPN lib: (as mentioned by Johannes, they copied and changed one of JDK's classes with changes, thus to use it it has to be first on the classpath): http://www.eclipse.org/jetty/documentation/current/alpn-chapter.html |
Comment by ktoso HTTP2 is not on the near-term roadmap, moving to backlog (though I'd love to work on it). |
Comment by timcharper This project is using Jetty's ALPN: https://github.com/http4s/blaze Looks like there's a nice HPack module that Twitter released, too. |
Comment by ktoso Yup, we're aware of those :-) I read both and they look v. good. |
Comment by timcharper Wonderful! Feeling anxious to see this start materializing, and I'd like to help. I know there's lots of important things to do, though. I noticed a mentorship request was declined because you guys are too busy, and maybe my attempts at helping would be more harm than help because you already have a clear idea of how you want to see it implemented. |
Comment by ktoso Help certainly is very welcome! The mentorship you mention was a student project which while I think is great, sadly at that point in time was very scalaz and other libraries dependent so it would have been very hard to pull it into akka (we try to be as dependency free as possible). I'll keep you updated once we have a battle plan. January is performance and Java 8 month :-) |
Comment by hepin1989 |
Comment by ktoso This one I did not know, thanks @hepin1989! :-) Sadly enabling ALPN will continue to need such hacks until natively supported by the JDK. |
Comment by hepin1989 netty/netty#3481 another link about this. |
Seems no way around this hack currently. It's major disadvantage is that the jetty package needs to replace parts of the JDK TLS stack with patched versions for which a JAR file needs to be put into the bootclasspath. The patches only work with a concrete particular version of the JRE. The advantage of using the agent (https://github.com/trustin/jetty-alpn-agent) is that it will choose the right version of the patched jar. |
Actually it would be great if the ALPN setup isn't too much different from Netty. |
@schmitch much of the Netty information starts with http://netty.io/wiki/requirements-for-4.x.html#transport-security-tls |
Tested both jetty-alpn which works and also |
Issue by jrudolph
Wednesday Feb 11, 2015 at 15:36 GMT
Originally opened as akka/akka#16861
RFC 7301
This is a prerequisite to implement HTTP/2 (#16862) if it should be hosted on port 443 together with https fallback (which is recommended).
Ultimately, this needs support in the JDK. For now there's a jetty initiative to add ALPN to the existing implementation.
/cc @sirthias
The text was updated successfully, but these errors were encountered: