We are building a Netty based service which will be using HTTP/2 protocol. For the server to support HTTP/2 the selected SslProvider (in our case OpenSsl) should support ALPN protocol.
Currently our hosts and the docker container are running OpenSSL v1.0.2k-fips, however netty-tcnative still loads an older OpenSsl version (OpenSSL 1.0.1e-fips) during runtime, that does not support the ALPN protocol.
2022-09-09_05:34:53.50944 DEBUG 2022-09-09 05:34:53,508 [main] io.netty.handler.ssl.OpenSsl: Initialize netty-tcnative using engine: 'default'
2022-09-09_05:34:53.51027 DEBUG 2022-09-09 05:34:53,510 [main] io.netty.handler.ssl.OpenSsl: netty-tcnative using native library: OpenSSL 1.0.1e-fips 11 Feb 2013
I am using the following dynamically linked version of netty-tcnative.
<dependency>
<groupId>io.netty</groupId>
<artifactId>netty-tcnative</artifactId>
<classifier>linux-x86_64-fedora</classifier>
<version>2.0.54.Final</version>
</dependency>
Any advice on what we can do so that netty-tcnative loads the OpenSsl version that is available at runtime ?
We are building a Netty based service which will be using HTTP/2 protocol. For the server to support HTTP/2 the selected SslProvider (in our case OpenSsl) should support ALPN protocol.
Currently our hosts and the docker container are running OpenSSL v1.0.2k-fips, however netty-tcnative still loads an older OpenSsl version (OpenSSL 1.0.1e-fips) during runtime, that does not support the ALPN protocol.
I am using the following dynamically linked version of netty-tcnative.
Any advice on what we can do so that netty-tcnative loads the OpenSsl version that is available at runtime ?