B4J Tutorial [server] Conscrypt and Http/2

Erel

Administrator
Staff member
Licensed User
Edit: It seems like there is an issue with Http/2 enabled with Conscrypt (https://github.com/eclipse/jetty.project/issues/2342). For now it is recommended to use Java 9+ without Conscrypt if you want to enable Http/2.

Http/2 is a newer version of the Http protocol. It provides better performance over Http 1.1 with lower overhead.
If the browser doesn't support Http/2 then it will switch automatically to Http 1.1.

Conscrypt is an open source project developed by Google that provides an alternative SSL provider.
1. It provides better performance than the default SSL provider.
2. It supports Http/2, including with Java 8.

The default provider supports Http/2 starting from Java 9.

This means that you have two options to enable Http/2:
1. With Java 9+ and the default provider.
2. With Java 8+ and Conscrypt.
Conscrypt is the recommended provider.
Note that you can use Conscrypt without Http/2.

Http/2 is supported by jServer for a long time, however with jServer v3.00 (B4J v6.3) the configuration is much simpler.

1. Http/2 only works with SSL connections. This means that you first need to configure SSL.
2. Set Server.Http2Enabled property to True before the server is started.
3. If you want to use Conscrypt:
- Download conscrypt jar and copy it to the additional libraries folder
- Add:
B4X:
#AdditionalJar: conscrypt-openjdk-uber-1.1.4
And call:
B4X:
ssl.EnableConscryptProvider
Example:
B4X:
Sub AppStart (Args() As String)
   srvr.Initialize("srvr")
   srvr.Port = 6727
   srvr.AddHandler("/hello", "HelloPage", False)
   srvr.AddWebSocket("/test", "test")
   srvr.Http2Enabled = True '<-------
   ConfigureSSL(55555)
   srvr.Start
   StartMessageLoop
End Sub

Private Sub ConfigureSSL (SslPort As Int)
   Dim ssl As SslConfiguration
   ssl.Initialize
   ssl.SetKeyStorePath("...", "...") 'path to keystore file
   ssl.KeyStorePassword = "xxx"
   ssl.KeyManagerPassword ="xxx"
   ssl.EnableConscryptProvider '<-----------
   srvr.SetSslConfiguration(ssl, SslPort)
End Sub
You should see these two lines in the logs when the server is started:

2018-05-15:INFOejus.SslContextFactory:main: x509=X509@3c7f66c4(jetty,h=[b4x.com],w=[b4x.com]) for SslContextFactory@194bcebf[provider=[B]Conscrypt[/B],keyStore=...,trustStore=null]
2018-05-15:INFOejs.AbstractConnector:main: Started ServerConnector@173ed316{SSL,[ssl, alpn, h2, http/1.1]}{0.0.0.0:55555}

Check the protocol with the browser developer tools:




The special boot class jar that was previously used is no longer required.
 
Last edited:

Roberto P.

Well-Known Member
Licensed User
Hi Erel
can it also be used to exchange data with the app?

I use B4XSerializator objects

thank you
 

Jmu5667

Well-Known Member
Licensed User
Morning, Just implemented this new method, all good so far !!! This probably means we can you this on java 8 152+, as currently using the old bootclass method fails on Java 8 152+

Great work as always Erel.
 

gravel

Member
Licensed User
Just to clarify for me.
For now it is recommended to use Java 9+ without Conscrypt if you want to enable Http/2.
Does this mean that Conscrypt is OK with Java 8?
 

alwaysbusy

Expert
Licensed User
I'm not quite clear now what we have to do to use HTTP2:

1. Conscrypt: memory leak in Jetty/conscrypt (not yet got the 'to many files' error, but shouldn't be used from what I understand)
2. JDK 9 + #VirtualMachineArgs: -Xbootclasspath/p:alpn-boot-8.1.12.v20180117.jar: -Xbootclasspath/p is no longer a supported option.

So is reverting back to JDK 1.8.0.171 the correct way of action?
 

Erel

Administrator
Staff member
Licensed User
So is reverting back to JDK 1.8.0.171 the correct way of action?
No.

It is simple:

1. Use Java 9+.
2. Don't do anything else except of setting Http2Enabled to True.

To make it clear:

1. Do not add -Xbootclasspath...
2. Do not call ssl.EnableConscryptProvider
3. Do not add #AdditionalJar: conscrypt-openjdk-uber-1.1.
 
Top