ALPN (Application-Layer Protocol Negotiation)

ALPN (Application Layer Protocol Negotiation)是 TLS 的扩展,允许在安全连接的基础上进行应用层协议的协商。ALPN 支持任意应用层协议的协商,目前应用最多是 HTTP/2 的协商。当前主流浏览器,都只支持基于 HTTPS 部署的 HTTP/2,因为浏览器是基于 ALPN 协议来判断服务器是否支持 HTTP/2 协议。

Posted by sysin on 2020-05-01
Estimated Reading Time 2 Minutes
Words 534 In Total
更新日期:Fri May 01 2020 10:00:00 GMT+0800,阅读量:

请访问原文链接:ALPN (Application-Layer Protocol Negotiation) ,查看最新版。原创作品,转载请保留出处。

作者主页:sysin.org


无耻抄袭者 Yu Tao,请立遁!!!

ALPN (Application Layer Protocol Negotiation)是 TLS 的扩展,允许在安全连接的基础上进行应用层协议的协商。ALPN 支持任意应用层协议的协商,目前应用最多是 HTTP/2 的协商。当前主流浏览器,都只支持基于 HTTPS 部署的 HTTP/2,因为浏览器是基于 ALPN 协议来判断服务器是否支持 HTTP/2 协议。

About

See MDN Web Docs Glossary: Definitions of Web-related termsALPN

Application-Layer Protocol Negotiation (ALPN) is a TLS extension which indicates what application layer protocol is negotiating the encryped connection without requiring additional round trips (sysin).

Protocol Identification sequence
HTTP/1.1 0x68 0x74 0x74 0x70 0x2F 0x31 0x2E 0x31 (“http/1.1”)
HTTP/2 0x68 0x32 (“h2”)
HTTP/2 over cleartext TCP 0x68 0x32 0x63 (“h2c”)

Specifications

Specification Status Notes
RFC 7301 IETF RFC Initial definition.

Support

浏览器和服务端都支持ALPN 协商,是用上 HTTP/2 的大前提。

  • 关于浏览器支持

参看nginx官网文章

In May 2016, Google released Chrome build 51, eliminating support for SPDY and NPN in favor of HTTP/2 and ALPN. Although concern was expressed publicly and privately about the negative consequences before the change was made, Google went ahead (sysin), providing a brief explanation of its reasons for dropping NPN.

At that time Chrome was the only major browser that didn’t support NPN, so users could regain HTTP/2 access by switching to another browser. However, by mid‑2017 all of the most popular browser vendors except Safari (version 10) had dropped support for NPN, starting with the following versions (see the Protocol Details section on the page for each browser at Qualys SSL Labs):

  • Chrome 51

  • Edge 12

  • Firefox 53

  • Internet Explorer 11

  • Opera 38

  • 大部分 Web Server 都依赖 OpenSSL 库提供 https服务,是否支持 ALPN 完全取决于使用的 OpenSSL 版本,OpenSSL 1.0.2 版本才开始支持 ALPN。

The table summarizes Linux operating system support for ALPN and NPN as of September 2017.

Operating System OpenSSL Version ALPN/NPN Support
CentOS/Oracle Linux/RHEL 6.5+, 7.0–7.3 1.0.1e NPN
CentOS/Oracle Linux/RHEL 7.4+ 1.0.2k ALPN and NPN
Debian 7.0 1.0.1e NPN
Debian 8.0 1.0.1k NPN
Debian 9.0 1.1.0f ALPN and NPN
Ubuntu 12.04 LTS 1.0.1 NPN
Ubuntu 14.04 LTS 1.0.1f NPN
Ubuntu 16.04 LTS 1.0.2g ALPN and NPN

检测工具

https://http2.pro/


捐助本站 ❤️ Donate

点击访问官方网站


文章用于推荐和分享优秀的软件产品及其相关技术,所有软件默认提供官方原版(免费版或试用版),免费分享。对于部分产品笔者加入了自己的理解和分析,方便学习和测试使用。任何内容若侵犯了您的版权,请联系作者删除。如果您喜欢这篇文章或者觉得它对您有所帮助,或者发现有不当之处,欢迎您发表评论,也欢迎您分享这个网站,或者赞赏一下作者,谢谢!

支付宝赞赏 微信赞赏

赞赏一下


☑️ 评论恢复,欢迎留言❗️
敬请注册!点击 “登录” - “用户注册”(已知不支持 21.cn/189.cn 邮箱)。请勿使用联合登录(已关闭)