Enable HTTP2 on NGINX

If you install NGINX with the apt package manager, for example

apt install nginx-full

you get nginx 1.18 even on the latest Ubuntu (Ubuntu 22.04), and the default nginx vhost SSL configuration still uses HTTP/1.1.

HTTP1.1 on nginx ssl
server {

	root /var/www/html;
	index index.html index.htm index.nginx-debian.html;

	server_name <your host name>;

	location / {
		try_files $uri $uri/ =404;
	}

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/redroc.nauf.al/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/redroc.nauf.al/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}


So, in order to use HTTP/2, add the http2 parameter to each listen ... ssl line, so that listen ssl becomes listen ssl http2.

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot

Change them to

    listen [::]:443 ssl ipv6only=on http2; # managed by Certbot
    listen 443 ssl http2; # managed by Certbot
http2 ssl nginx configuration
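
The same edit as a script, added here as an example and not part of the original post: enable_http2 appends http2 to every listen ... ssl line that lacks it, and apply_http2 writes the change, validates it with nginx -t and only then reloads. Both function names and the temporary backup file are assumptions of this example.

```sh
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# enable_http2: filter. Reads an nginx config on stdin and appends "http2" to
# every listen directive that has "ssl" but not yet "http2". Trailing comments
# such as "# managed by Certbot" are kept; plain listen lines are untouched.
enable_http2() {
    awk '
    /^[ \t]*listen[ \t]/ {
        semi = index($0, ";")
        if (semi > 0) {
            directive = substr($0, 1, semi - 1)   # text before the semicolon
            rest      = substr($0, semi)          # semicolon plus any comment
            padded    = directive " "             # lets the last word match too
            if (padded ~ /[ \t]ssl[ \t]/ && padded !~ /[ \t]http2[ \t]/)
                $0 = directive " http2" rest
        }
    }
    { print }'
}

# apply_http2 FILE: rewrite FILE, let nginx validate the result, reload only
# if validation passes, and restore the original content otherwise.
# The backup goes to a temp file so it never lands in a directory that
# nginx includes.
apply_http2() {
    conf=$1
    bak=$(mktemp) || return 1
    cp "$conf" "$bak" || return 1
    enable_http2 < "$bak" > "$conf"
    if nginx -t; then
        nginx -s reload
        status=$?
    else
        cat "$bak" > "$conf"      # roll back to the original content
        status=1
    fi
    rm -f "$bak"
    return "$status"
}
```

Run apply_http2 as root against the vhost file that holds the listen lines. Afterwards, curl -sI --http2 https://<your host name>/ should report HTTP/2 on the status line.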

What is the HTTP/2 Protocol

HTTP/2 improved on HTTP/1.1 in a number of ways that allowed for speedier content delivery and improved user experience, including:

  • Binary protocols – Binary protocols consume less bandwidth, are more efficiently parsed, and are less error-prone than the textual protocols used by HTTP/1.1. Additionally, they can better handle elements such as whitespace, capitalization, and line endings.
  • Multiplexing – HTTP/2 is multiplexed, i.e., it can initiate multiple requests in parallel over a single TCP connection. As a result, web pages containing several elements are delivered over one TCP connection. These capabilities solve the head-of-line blocking problem in HTTP/1.1, in which a packet at the front of the line blocks others from being transmitted.
  • Header compression – HTTP/2 uses header compression to reduce the overhead caused by TCP’s slow-start mechanism.
  • Server push – HTTP/2 servers push likely-to-be-used resources into a browser’s cache, even before they’re requested. This allows browsers to display content without additional request cycles.
  • Increased security – Web browsers only support HTTP/2 via encrypted connections, increasing user and application security.

HTTP/2 explanation : https://www.imperva.com/learn/performance/http2/