13

When testing on Windows 10 we were seeing lots of browser incompatibilities that I hadn't seen before with earlier Windows versions. Some browsers would work, but others would report ERR_SPDY_PROTOCOL_ERROR. My quick search for this problem showed I was not alone.

My app uses WWSAPI and HTTP.SYS with HTTPS (TLS). Does anyone know how to disable SPDY / HTTP/2 in WWSAPI (which is using HTTP.SYS) on Windows 10?

I'd also love to get a full up-to-date Windows 10 list of registry settings for HTTP.SYS.

See below for my answer to this. Hope this helps others too.

Mark

MarkB_V
  • 141
  • 1
  • 1
  • 4
  • 2
    This is a Q&A site. So if you have something that's on-topic for StackOverflow and hasn't already been answered, post a question where you formulate the problem that you initially had, and then post an answer to that question where you describe the solution. – Michael Jul 30 '15 at 09:15
  • Separate from just disabling HTTP/2, I'd like to understand why your WWSAPI is generating ERR_SPDY_PROTOCOL_ERROR in (I presume) Chrome. Do you have a WWSAPI sample that shows that happening? – Mike Bishop Jan 13 '16 at 00:13
  • That is a Chromium error. We're currently seeing it in Opera, Chrome and Vivaldi. In our case because I think somebody is sending a signal we're providing http2 when we're not. – Erik Reppen Sep 28 '17 at 03:26
  • Possible duplicate of [How to disable HTTP/2 on IIS of Windows 10](https://stackoverflow.com/questions/31668151/how-to-disable-http-2-on-iis-of-windows-10) – William Gross Nov 25 '17 at 15:05

1 Answers1

21

EDIT: disabling HTTP/2 will significantly slow down the speed of your website, this is not a permanent solution. The problem turned out to be caused by our webapp sending a wrong authentication header to the server.

To still disable HTTP/2, see below.

(OP gave a helpful answer, but in the question. I moved the answer):

I did work around my HTTP/2 problem by configuring Windows 10 HTTP.SYS in the registry to disable HTTP/2. Given that I didn't find info anywhere, I thought I'd share my solution to that problem here too. I would like to find a way of doing this through WWSAPI though.

If I turned off SPDY support in the client browser, it would work but I wanted to turn this off at the server side (HTTP.SYS on Windows 10) so that it wouldn't negotiate HTTP/2 but would use the older more compatible HTTP(S).

Discovered two new registry settings for HTTP.SYS in:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters

  • EnableHttp2Tls REG_DWORD 0
  • EnableHttp2Cleartext REG_DWORD 0

Adding these values and setting both to 0 in Windows 10 resulted in HTTP/2 / SPDY not being negotiated and my ERR_SPDY_PROTOCOL_ERROR problems went away without requiring browser configuration changes. I'm not suggesting there is anything wrong with Windows 10 HTTP/2, the problems may be with certain browsers.

This may work for IIS too, but I don't use that so I haven't tried and in any case there may be a better way to do this in IIS.

Hope this helps others too.

I can confirm this helps for IIS too, but I had to restart my computer.

Jan Willem B
  • 3,787
  • 1
  • 25
  • 39
  • After setting the registry values and restarting my computer, I found out the the root cause of my SPDY issue was a connection reset coming from the server. – Eddie Fletcher Dec 22 '15 at 03:51
  • Although now I'm wondering, What if we want to shut off SPDY but not HTTP/2? – sshirley Jul 01 '16 at 08:48
  • @EddieLoeffen Care to elaborate? – Zero3 Feb 01 '17 at 16:17
  • @Zero3 disabling SDPY on my computer forced connections to use HTTP/1.1 again. When I ran the same API call that was previously returning ERR_SPDY_PROTOCOL_ERROR, Chrome now told me the connection was reset. After fixing the bug causing a connection reset, I could re-enable SPDY without getting a protocol error. – Eddie Fletcher Feb 01 '17 at 20:10
  • @EddieLoeffen Aha! Thanks! – Zero3 Feb 02 '17 at 14:48
  • 1
    I, too, can confirm this works for Windows Server 2014 running IIS 10.0. It appears that HTTP/2, in conjunction with certain ciphers, causes modern browsers to throw a security exception. Disabling HTTP/2 fixes this issue by forcing IIS to use TLS 1.2 with the same ciphers. This is apparently more secure than the HTTP/2 option flag on. – Jason May 31 '17 at 18:34
  • 2
    Is there a way to turn off just SPDY and not HTTP2? @Jason – airowe May 02 '18 at 17:38
  • @EddieLoeffen what was the bug causing connection reset? – zendu Mar 02 '23 at 08:48