Javier Garza

Enabling HTTP/2 (h2) in Akamai

Blog Post created by Javier Garza Employee on Jan 26, 2015

(content updated on March 7, 2016)

 

HTTP 2 or H2 represents the future of the HTTP protocol and offers several benefits over HTTP 1.1 (see the H2 page on www.akamai.com for a good overview of H2).

 

The H2 protocol was published February 2015, this blog tries to explain how you can benefit from the Akamai Intelligent platform to make your Website H2 ready in a few simple steps.

 

Note: As of writing Akamai H2 support is in "Beta” and available for free to Akamai customers with Web Experience products.

 

Pre-requisites:

1) Your delivery certificate needs to have Perfect Forward Secrecy (PFS) support enabled. You can do this with a couple of clicks in the Luna Control Center using the "SSL Certificate Management Tool". Click on the "DEPLOYMENT AND TLS METADATA" Tab, and ensure the cipher profile matches one of the following:

  • ak-akamai-default-2016q3 (recommended)
  • ak-akamai-default-2016q1
  • ak-akamai-default 
  • ak-akamai-pfs-supported
  • ak-pci-dss-3.1
  • ak-pci-dss-3.2

 

  • Screen Shot 2016-03-07 at 1.33.25 PM.png

 

Screen Shot 2016-03-07 at 1.37.07 PM.png

 

2) You need to use a Web Experience product (like Ion, Alta, WAA, DSA, and RMA) with HTTPS enabled, and have the "HTTP2 Beta" line item in your contract for the behavior to appear in Property Manager (you can contact your Akamai representative if you are not sure if H2 is part of your Akamai contract).

 

3) Note your origin server requires no changes, and will not be impacted in any way as the Akamai Edge server will talk HTTP version 2.x with clients and HTTP version 1.x with your origin server

 

Implementation:

Note: H2 is self-service within Property Manager. If you have a configuration in the legacy "Configuration Manager" mode, you should consider upgrading it to Property Manager so you can enable H2 and benefit from all increased self-service and functionality provided by the Property Manager tool.

 

1) Edit a new version of your Akamai configuration in Property Manager.

 

2) Click the "Add Rule", select "Enable HTTP2" from the list, and click "Insert Rule".

 

Screen Shot 2016-03-07 at 1.43.31 PM.png

 

3) Add the hostname(s) you want to associate with "HTTP2", and save the configuration

 

Screen Shot 2016-03-07 at 1.40.14 PM.png

Note: If you use a value other than 100 on the percentage of clients (in order to do A/B testing). You need to understand the "Percentage of Clients" uses a client-ip bucket type to ensure clients see consistent results (either they get h2 all the time, or never).

 

Here is a 1 minute video showing how to do this: Enabling HTTP/2 using Property Manager

 

4) Activate your configuration

 

Testing:

You can test the certificate requirements by following the instructions in Validate certificate h2 support using openssl

 

You will need to test H2 using a browser that supports the new protocol (see HTTP/2 Browser Support).

Once you have enabled H2 in the browser, visit the site and ensure the protocol version shows as HTTP/2.0

 

You can check https://http2.akamai.com/ to see the Akamai H2 implementation at work.

 

Firefox: Use Firefox Web Developer tools to inspect the headers and check it displays "Version: HTTP/2.0"

http2.akamai,com_FF.png

 

Chrome: In Chrome type "chrome://net-internals/#http2" in the address bar to show which Websites support SPDY and HTTP/2 (check the "Protocol Negotiated" column)

Screen Shot 2015-10-09 at 11.32.52 AM.png

Outcomes