Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

Issues applying HTTP/2 protocol to Virtual Server


We have a request by an application team to enable HTTP/2 protocol to their Virtual Servers. We were able to configure and apply it to the Non-Production Virtual servers, but when I attempted to apply the same HTTP/2 protocol to the Production Virtual Servers, it failed. I received the following error from a curl command:


curl: (92) HTTP/2 stream 1 was not closed cleanly: PROTOCOL_ERROR (err 1)


I have compared both Non-Production and Production configurations and they are the same. Could someone provide me the recommended solution for enabling HTTP/2 protocol. This is the steps that i performed:


  1. I created a new Client/Server side SSL Profiles with "renegotiation" unchecked.
  2. I created a HTTP/2 Profile specific to the application.
  3. I replaced the existing Client/Server side SSL profiles with the newly created profiles.
  4. I applied the HTTP/2 profile to the virtual server.


As soon as i click the update button, i run the curl command and get the above error.


Any help would be appreciated.







This issue seems to be something related to content length and type.


Packet captures would give you more insight in to where the problem is originating.


Hope it helps,



I check the content length/type for both environments and they are the same. I will run a capture tonight. Is there a recommended syntax to add to the tcpdump command to get the most insight to the traffic?


1) You have to use a iRule to collect SSL session secrets to be used in wire-shark to decrypt the SSL traffic in captures.


Decrypting SSL traffic using the SSL::sessionsecret iRules command


2) command for captures::

tcpdump -vvni 0.0:nnnp -s0 host <Client_IP>-w /var/tmp/file_name.pcap