How To Set Up Apache with HTTP/2 Support on Ubuntu 16.04

apache with http2 supportHTTP/2 is the first major HTTP protocol update since 1997. The main goal of HTTP/2 is to decrease latency, reduce total number of TCP connections thus improve page load speed in web browsers. HTTP/2 is backwards-compatible with HTTP/1.1, all application semantics of HTTP are the same, except the way of transmitting data via TCP connection. HTTP/2 leverages multiplexing and allows asynchronous (parallel) requests and provides data compression of HTTP headers. Also, the server push method in HTTP/2 allows server to send multiple responses for a single request.

HTTP/2 support is not included in Ubuntu 16.04, neither with nginx nor with Apache because this feature is considered as experimental by the Apache httpd upstream project, so it is not possible to enable it on an Ubuntu 14.04 VPS using the a2enmod command:

a2enmod http2
ERROR: Module http2 does not exist!

HTTP/2 support should be enabled in Ubuntu 16.04 after the Apache httpd upstream considers this support to be non-experimental.
Luckily, the Http2 module is included in the source, so follow these steps to enable HTTP/2 support on Apache web server:
Add source URIs to the sources.list file if it is not already done so:

vi /etc/apt/sources.list

add the following lines at the end:

deb-src xenial main universe restricted multiverse
deb-src xenial-security main universe restricted multiverse
deb-src xenial-updates main universe restricted multiverse

Run ‘apt-get update’ command to download the package lists from the repositories and update them to get information on the newest versions of packages, then update the Ubuntu 16.04 OS packages using the ‘apt-get upgrade’ command:

apt-get update
apt-get upgrade

Install the required pre-requisites:

apt-get install curl devscripts build-essential fakeroot

Create a new user your VPS, or switch to an existing user account:

sudo adduser <username> sudo
su <username>

Replace <username> with an actual username.
Install the libnghttp2-dev package:

[user]$ cd ~
[user]$ sudo apt-get install libnghttp2-dev
[user]$ mkdir apache2
[user]$ cd apache2

Download the apache2 sources on your server and build them:

[user]$ apt-get source apache2
[user]$ sudo apt-get build-dep apache2
[user]$ cd apache-2.4.18
[user]$ sudo apt-get install curl devscripts build-essential fakeroot
[user]$ fakeroot debian/rules binary
[user]$ sudo cp debian/apache2-bin/usr/lib/apache2/modules/ /usr/lib/apache2/modules/
[user]$ exit

Load the HTTP/2 module. Create a file /etc/apache2/mods-available/http2.load and add the following lines:

LoadModule http2_module /usr/lib/apache2/modules/

<IfModule http2_module>
LogLevel http2:info

Enable the http2 module:

a2enmod http2

Add ‘Protocols h2 http/1.1’ to each SSL based virtual hosts. For example, edit the default-ssl configuration file:

vi /etc/apache2/sites-enabled/default-ssl.conf
<IfModule mod_ssl.c>
 <VirtualHost _default_:443>
 ServerAdmin webmaster@localhost
 Protocols h2 http/1.1
 DocumentRoot /var/www/html
 ErrorLog ${APACHE_LOG_DIR}/error.log
 CustomLog ${APACHE_LOG_DIR}/access.log combined
 SSLEngine on

 SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
 SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

 <FilesMatch "\.(cgi|shtml|phtml|php)$">
 SSLOptions +StdEnvVars
 <Directory /usr/lib/cgi-bin>
 SSLOptions +StdEnvVars


Or, add ‘Protocols h2 http/1.1’ to main Apache configuration to enable http2 on all websites:

vi /etc/apache2/apache2.conf

Add this line at the end:

Protocols h2 http/1.1

Restart Apache for the changes to take effect:

service apache2 restart

That is it. The HTTP/2 support has been enabled on your Apache web server.

Of course you don’t have to do any of this if you use one of our Linux VPS Hosting services, in which case you can simply ask our expert Linux admins to set up Apache with HTTP/2 support for you. They are available 24×7 and will take care of your request immediately.
PS. If you liked this post please share it with your friends on the social networks using the buttons on the left or simply leave a reply below. Thanks.


Install Mattermost on an Ubuntu VPS
Install and configure Jenkins with Nginx as a reverse proxy on CentOS 7
Install Squid proxy server on Ubuntu 14.04
  • admin


    Author Reply

    You shouldn’t implement the steps again after Apache update.

  • Tinus Lorvald

    cp debian/apache2-bin/usr/lib/apache2/modules/ /usr/lib/apache2/modules/

    its where it all falls apart for me. can’t go past it.

    • admin


      Author Reply

      Please provide more information of about any errors that you are receiving if we are to help you.

  • Shaun McCoy

    debian/rules:69: recipe for target ‘binary’ failed
    make: *** [binary] Error 2

    I get this error after this step:
    [user]$ fakeroot debian/rules binary

    Not sure what is going on, been trying to update my cURL and openssl for 2 days now with no luck.

    • admin


      Author Reply

      Do you have Ubuntu 16.04 installed on your server?

      • Greg Winton

        Hello, I have the same error.

        debian/rules:69: recipe for target ‘binary’ failed
        make: *** [binary] Error 2

        On Ubuntu Server 16.04.

        • admin


          Author Reply


          We were not able to replicate the issue. Please make sure that you are closely following the tutorial.

  • SashainSydney

    Don’t copy – too many typos in this.
    e.g. ‘[user]$ cd apache-2.4.18’
    and ‘[user]$ sudo cp debian/apache2-bin/usr/lib/apache2/modules/ /usr/lib/apache2/modules/’

    • admin


      Author Reply


      Yes, sometimes you cannot just copy/paste and you may need to adjust the commands depending on the system and the version of the software you are working on.


  • Clayton


    Author Reply

    I don’t usually bother posting on these but I just wanted to say how useful this was. Way easier than the way I had intended to handle it. Probably saved me an hour or two. Just setup a store for a customer using this and H2 Push. I just recently switched from Enterprise Linux (They’re STILL using a backport patched OpenSSL 1.0.1 which is completely unsupported. Which means 0days may be found in it that don’t even exist in newer versions, and they’ll never get patched. CentOS/RHEL is completely insecure right now). So I’m used to manually having to compile everything in if I want to statically compile against non-system libraries.

  • Helena


    Author Reply

    Great post, thank you so much for this write-up! Saved me a lot of time.

  • thelambofgoat

    The same, recipe for target ‘binary’ failed. I can provide log though)

    checking for APR… configure: error: the –with-apr parameter is incorrect. It must specify an install prefix, a build directory, or an apr-config file.
    debian/rules:72: recipe for target ‘override_dh_auto_configure’ failed
    make[1]: *** [override_dh_auto_configure] Error 1
    make[1]: Leaving directory ‘/home/http2/apache2/apache2-2.4.18’
    debian/rules:69: recipe for target ‘binary’ failed

  • thelambofgoat


    sudo apt-get install libapr1-dev libaprutil1-dev

    And also

    sudo apt install libpcre3-dev (if pcre-devel is not installed, which was my case with Ubuntu 16.04)