We will show you how to set up Nginx with HTTP/2 Support on Debian 9. HTTP/2 is a major revision of the HTTP network protocol and offers many benefits. Enabling HTTP/2 on Nginx running on Debian 9 server, is pretty easy task if your carefully follow the tutorial below. Let’s get started!
What is HTTP/2?
HTTP/2 is a major revision of the HTTP network protocol. It is derived from the experimental SPDY protocol developed by Google. The primary goal of HTTP/2 is to reduce the latency, minimize the protocol overhead and add support for request prioritization. This makes the web applications to load much faster.
High level syntax like status codes, methods, headers fields, URIs etc. are the same as the earlier version of HTTP except there is a difference on how the data is framed and transported between the client and the server.
HTTP/2 support was introduced in Nginx version 1.9.5 and it is available in all newer versions. If you are using Debian 9 as an operating system you should not worry whether you can use HTTP/2 with Nginx or not. The Nginx version that is included in the default Debian 9 repository is higher than 1.9.5 so HTTP/2 support will be included.
To check the Nginx version installed on your Debian VPS, connect to your server via SSH and run the following command:
nginx -v
The output should be similar to the one below:
# nginx -v nginx version: nginx/1.10.3
If you get something like the following:
# nginx -v -bash: /usr/sbin/nginx: No such file or directory
It means Nginx is not installed on your Linux VPS and you need to install it first. Run the following commands to install Nginx:
apt-get update apt-get install nginx
Once the installation is completed run the command above to verify that Nginx is installed and it supports HTTP/2.
Set up Nginx with HTTP/2 support on Debian 9
HTTP/2 does not require encryption. However, currently no browser supports HTTP/2 unencrypted so you need to have a valid SSL certificate issued for your domain before proceeding with the other steps in this tutorial.
To enable HTTP/2 in Nginx, open the default Nginx server block using a text editor of your choice.
nano /etc/nginx/sites-available/default
Then, add the following lines:
server {
listen 443 ssl http2 default_server;
server_name domain.com www.domain.com;
root /var/www/html;
index index.html;
location / {
try_files $uri $uri/ =404;
}
ssl_certificate /etc/nginx/ssl/domain.com.crt;
ssl_certificate_key /etc/nginx/ssl/domain.com.key;
}
server {
listen 80;
server_name domain.com www.domain.com;
return 301 https://$server_name$request_uri;
}
Use your domain name for server_name, the location of your website data for root and the path to your SSL certificate and private key for ssl_certificate and ssl_certificate_key.
Once you are done, save the file and close it. Check if there are syntax errors in the Nginx configuration using the command below:
nginx -t
If everything is OK with the configuration, the output should be similar to the one below:
# nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
Otherwise, the errors will be listed in the output so you easily find out what the problem is.
Once you are sure there are no problems with the configuration in Nginx, you can restart the service using the following command:
systemctl restart nginx.service
One thing that we can improve here is the key exchange security. Nginx by default uses a 1028-bit Diffie-Hellman key and we can generate new, a more secure one. To generate new Diffie-Hellman key run the following command:
openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048
The process will take a couple of minutes to complete. Once the key is generated, open the default Nginx server block and add the following line under ssl_certificate_key:
ssl_dhparam /etc/nginx/ssl/dhparam.pem;
Then, restart Nginx for the changes to take effect.
If you want to set up Nginx with HTTP/2 support for a different domain name, you can follow our tutorial on how to set up server blocks in Nginx.
Also, if you are using Ubuntu 16.04 or CentOS 7 as an operating system, you can check our tutorial on how to enable HTTP/2 in Nginx on Ubuntu or CentOS.
Verify that Nginx supports HTTP/2
To check whether HTTP/2 is enabled in Nginx you can use our online HTTP/2 checker tool.