I'm running DirectAdmin with OpenLiteSpeed on a CloudLinux VM.
iPhone Safari users have been reporting problems, either a plain white screen of death, or the NSPOSIXErrorDomain:100 error.
Testing my server via curl, it's returning a Keep-Alive connection header with an http2 response, which is apparently invalid, and causes Safari to error out.
Does anyone know which config file I need to edit to prevent the Keep-Alive header on an http2 connection?
iPhone Safari users have been reporting problems, either a plain white screen of death, or the NSPOSIXErrorDomain:100 error.
Testing my server via curl, it's returning a Keep-Alive connection header with an http2 response, which is apparently invalid, and causes Safari to error out.
# curl -vL --head https://www.sgtsmess.co.uk
* Trying 116.203.194.196:443...
* Connected to www.sgtsmess.co.uk (116.203.194.196) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
* CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=mail.sgts-mess.co.uk
* start date: Oct 10 21:19:01 2020 GMT
* expire date: Jan 8 21:19:01 2021 GMT
* subjectAltName: host "www.sgtsmess.co.uk" matched cert's "www.sgtsmess.co.uk"
* issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0xecc440)
> HEAD / HTTP/2
> Host: www.sgtsmess.co.uk
> user-agent: curl/7.73.0
> accept: */*
>
* Connection state changed (MAX_CONCURRENT_STREAMS == 100)!
* http2 error: Invalid HTTP header field was received: frame type: 1, stream: 1, name: [connection], value: [Keep-Alive]
* HTTP/2 stream 0 was not closed cleanly: PROTOCOL_ERROR (err 1)
* stopped the pause stream!
* Connection #0 to host www.sgtsmess.co.uk left intact
curl: (92) HTTP/2 stream 0 was not closed cleanly: PROTOCOL_ERROR (err 1)
Does anyone know which config file I need to edit to prevent the Keep-Alive header on an http2 connection?