Based on our previous example, we only need to make one key change. Instead of just specifying ssl as the listening protocol, we add http2:
server {
listen 443 ssl http2;
server_name http2.nginxcookbook.com;
ssl_certificate /etc/ssl/public.pem;
ssl_certificate_key /etc/ssl/private.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
access_log /var/log/nginx/ssl-access.log combined;
location /favicon.ico { access_log off; log_not_found off; }
root /var/www;
}
No changes to protocols or ciphers are necessary. To verify that HTTP/2 is working, you can use Chrome Developer Tools (DevTools) to show the protocol, or an external tool, such as the one KeyCDN provides:
Source: https://tools.keycdn.com/http2-test
While a simple page won't show the performance difference, with the average page demand of around 50–70 requests we should see about 20 percent improvement. For more complex sites (for example, e-commerce sites) where there are more than 200 requests, the difference is even more dramatic.