Dev Solve

English

中文
日本語

English

中文
日本語

Appearance

Resolving Nginx HTTP/2 Deprecation Warnings

Problem Statement
With Nginx v1.25.1+, users encounter warnings when using the legacy HTTP/2 configuration syntax. After updating to the new recommended syntax (http2 on;), a secondary warning appears: protocol options redefined for 0.0.0.0:443. This occurs because the old syntax (listen ... http2) still exists elsewhere in the configuration, causing protocol conflicts for the same port.

bash
# Initial deprecation warning
nginx: [warn] the "listen ... http2" directive is deprecated...

# New conflict warning after syntax update
nginx: [warn] protocol options redefined for 0.0.0.0:443

Correct HTTP/2 Configuration

Original (deprecated) syntax:

nginx
server {
    listen 443 ssl http2;   # This triggers warnings
    listen [::]:443 ssl http2;
}

Updated syntax (Nginx v1.25.1+):

nginx
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    http2 on;  # Correct placement
}

Key Insight

The "protocol redefined" warning always indicates mixed syntax usage. For example:

  • listen 443 ssl http2; (old) in one file
  • http2 on; (new) in another file

Solution: Consistent Syntax Migration

Follow these steps to resolve warnings:

  1. Update all configuration files using sed:
bash
# Backup configurations first
sudo cp -R /etc/nginx/ /etc/nginx-backup

# Replace old syntax system-wide
sudo find /etc/nginx -type f -name "*.conf" -exec sed -i.bak 's/listen \(.*\) ssl http2;/listen \1 ssl;/g' {} +
sudo find /etc/nginx -type f -name "*.conf" -exec sed -i.bak 's/listen \[::\]:\(.*\) ssl http2;/listen [::]:\1 ssl;\n    http2 on;/g' {} +
  1. Manual file cleanup if IPv6 isn't used:
nginx
# Basic configuration:
listen 443 ssl;
http2 on;  # Single declaration per IP endpoint
  1. Verify syntax post-update:
bash
sudo nginx -t

Recommended Practice

  • Consistency is critical: The same IP/port combination must use identical protocol syntax across all Nginx configs.
  • Priority files: Check /etc/nginx/nginx.conf, /etc/nginx/conf.d/, and virtual host directories.
  • IPv6 consideration: Avoid IPv6-related errors by declaring both IPv4 and IPv6 listeners or disabling IPv6 explicitly.

DANGER

Partial updates will cause lingering warnings. The solution requires modifying every instance of the old syntax—even in unused configs like /etc/nginx/conf.d/default.conf.

Why This Works
Nginx processes all configuration files as a single unit. Mixing old and new HTTP/2 syntax for the same port (e.g., TCP/443) triggers protocol conflicts. Eliminating all legacy listen ... http2 declarations resolves the inconsistency that prompts the warning.