Hello,

Wonder if you could help - I’m having an issue where the instructions to just ‘flip the spdy switch’ aren’t working for me.

Here’s the setup:

Ubuntu 12.04 LTS
Nginx 1.7.12 (upgraded today from Ubuntu mainline/dev PPA - includes ssl modules)
OpenSSL 1.0.1 (build from 19/03/15 - upgraded today)
Have restarted Dovecot/Postfix/PHP5-FPM/Monit and of course Nginx.

Spdycheck.org is showing no spdy due to no NPN (but this version of openssl supports it, checked changelog), the Chrome/FF extensions also reporting no spdy. SSL Labs are reporting 'No’ for NPN.

Also trying to get HSTS working with no joy either. Using the line below.

Where am I going wrong?

I have included the following in the sites-enabled host file, for the https server block:

listen 443 ssl spdy default_server;

[servername, limitcon, log, keepalive_timeout, ssl certs…]

addheader Strict-Transport-Security “max-age=31536000; includeSubDomains”;
addheader Alternate-Protocol 443:npn-spdy/3;
I’m seeing nothing about the latter two headers in the Network section of the Chrome/FF [F12] profilers.

Thanks!

–
This is a a new thread based on comment here