we are using latest haproxy 2.2.4 as loadbalancer in front of multiple tomcat 9 instances.
i enabled h2 via
frontend:
bind *:443 ssl crt /etc/ssl/private/star.qeep.net.pem alpn h2,http/1.1
backend:
server tomcat1 10.10.10.10:443 ssl maxconn 500 verify none alpn h2,http/1.1 check
and in tomcat’s server.xml
all http api/web requests are working fine with http/2 (i checked both sides chrome network/protocol and tomcat access logs).
But websocket ugpgrade requests are not working if i turn on h2 backend.
With HTTP/1.1 they are correctly upgraded (status code 101) in access logs, with HTTP/2.0 these requests are answered with 404.
Maybe the problem is spring-websocket and I know that i can tinker around with acl matching the path of the websocket requests and separate backend section just for these websocket with http/1.1, but there must be a better solution.