B4J Tutorial [server] Conscrypt and Http/2

Discussion in 'B4J Tutorials' started by Erel, May 15, 2018.

  1. Erel

    Erel Administrator Staff Member Licensed User

    Edit: It seems like there is an issue with Http/2 enabled with Conscrypt (https://github.com/eclipse/jetty.project/issues/2342). For now it is recommended to use Java 9+ without Conscrypt if you want to enable Http/2.

    Http/2 is a newer version of the Http protocol. It provides better performance over Http 1.1 with lower overhead.
    If the browser doesn't support Http/2 then it will switch automatically to Http 1.1.

    Conscrypt is an open source project developed by Google that provides an alternative SSL provider.
    1. It provides better performance than the default SSL provider.
    2. It supports Http/2, including with Java 8.

    The default provider supports Http/2 starting from Java 9.

    This means that you have two options to enable Http/2:
    1. With Java 9+ and the default provider.
    2. With Java 8+ and Conscrypt.
    Conscrypt is the recommended provider.
    Note that you can use Conscrypt without Http/2.

    Http/2 is supported by jServer for a long time, however with jServer v3.00 (B4J v6.3) the configuration is much simpler.

    1. Http/2 only works with SSL connections. This means that you first need to configure SSL.
    2. Set Server.Http2Enabled property to True before the server is started.
    3. If you want to use Conscrypt:
    - Download conscrypt jar and copy it to the additional libraries folder
    - Add:
    #AdditionalJar: conscrypt-openjdk-uber-1.1.2
    And call:
    Sub AppStart (Args() As String)
       srvr.Port = 
       srvr.Http2Enabled = 
    True '<-------
    End Sub

    Private Sub ConfigureSSL (SslPort As Int)
    Dim ssl As SslConfiguration
    "...""..."'path to keystore file
       ssl.KeyStorePassword = "xxx"
       ssl.KeyManagerPassword =
       srvr.SetSslConfiguration(ssl, SslPort)
    End Sub
    You should see these two lines in the logs when the server is started:

    2018-05-15:INFOejus.SslContextFactory:main: x509=X509@3c7f66c4(jetty,h=[b4x.com],w=[b4x.com]) for SslContextFactory@194bcebf[provider=Conscrypt,keyStore=...,trustStore=null]
    2018-05-15:INFOejs.AbstractConnector:main: Started ServerConnector@173ed316{SSL,[ssl, alpn, h2, http/1.1]}{}

    Check the protocol with the browser developer tools:


    The special boot class jar that was previously used is no longer required.
    Last edited: May 21, 2018 at 6:11 AM
    DonManfred, BPak, Roberto P. and 8 others like this.
  2. Roberto P.

    Roberto P. Well-Known Member Licensed User

    Hi Erel
    can it also be used to exchange data with the app?

    I use B4XSerializator objects

    thank you
    joulongleu likes this.
  3. Erel

    Erel Administrator Staff Member Licensed User

    Http/2 has nothing to do with your question. Please start a new thread in the questions forum for further discussion.
  4. Jmu5667

    Jmu5667 Well-Known Member Licensed User

    Morning, Just implemented this new method, all good so far !!! This probably means we can you this on java 8 152+, as currently using the old bootclass method fails on Java 8 152+

    Great work as always Erel.
    Erel likes this.
  5. Erel

    Erel Administrator Staff Member Licensed User

    It will work with all versions of Java 8.
    Jmu5667 likes this.
  6. Jmu5667

    Jmu5667 Well-Known Member Licensed User

    I will update to latest Java and let you know the results, maybe try Java 64 bit also
  7. Jmu5667

    Jmu5667 Well-Known Member Licensed User

    Works fine on Java 1.8.0_171 :)
    DonManfred likes this.
  8. Erel

    Erel Administrator Staff Member Licensed User

    Updated first post with warning about a possible issue with Conscrypt.
    alwaysbusy and mindful like this.
  9. gravel

    gravel Member Licensed User

    Just to clarify for me.
    Does this mean that Conscrypt is OK with Java 8?
  10. Erel

    Erel Administrator Staff Member Licensed User

    No. If you want to use Http/2 you should use Java 9 or 10 without Conscrypt.
  11. alwaysbusy

    alwaysbusy Well-Known Member Licensed User

    I'm not quite clear now what we have to do to use HTTP2:

    1. Conscrypt: memory leak in Jetty/conscrypt (not yet got the 'to many files' error, but shouldn't be used from what I understand)
    2. JDK 9 + #VirtualMachineArgs: -Xbootclasspath/p:alpn-boot-8.1.12.v20180117.jar: -Xbootclasspath/p is no longer a supported option.

    So is reverting back to JDK the correct way of action?
  12. Erel

    Erel Administrator Staff Member Licensed User


    It is simple:

    1. Use Java 9+.
    2. Don't do anything else except of setting Http2Enabled to True.

    To make it clear:

    1. Do not add -Xbootclasspath...
    2. Do not call ssl.EnableConscryptProvider
    3. Do not add #AdditionalJar: conscrypt-openjdk-uber-1.1.
    Jmu5667 likes this.
  13. alwaysbusy

    alwaysbusy Well-Known Member Licensed User

    Ah, that wasn't clear to me o_O. Thanks for the clarification. Hopefully they (jetty) find some solution for Conscrypt soon.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice