Currently the newest version of OpenSSL shipped with any SLES release is 1.0.1x however, OpenSSL devs have encouraged customers to migrate to 1.0.2. One reason is that 1.0.2 supports ALPN. Why does this matter?
Well, on May 31st, Google will push out a Chrome update that will use ALPN to negotiate HTTP/2 connections instead of HTTP/1.x. If you’re thinking “who cares?” then just move along. But for those that rely of the optimizations of HTTP/2 in their applications, this will be a BIG deal. This is particularly going to affect people running multiple JeOS containers. Currently it appears that only Ubuntu 16.04LTS has migrated to OpenSSL 1.0.2x by including 1.0.2g. I’d rather poke myself in the eye than use Ubuntu in an Enterprise environment (or any environment for that matter) but this will be an issue for users, developers, and those of us trying to get customers to stay on or migrate to SLES over other vendor solutions.
IMO, SUSE needs to migrate all currently supported SLES releases to OpenSSL 1.0.2x and release the update before the end of the month.
More info here:
https://ma.ttias.be/day-google-chrome-disables-http2-nearly-everyone-may-31st-2016/
BTW, I tried bringing this issue to SUSE’s attention on the Enterprise support line, but they basically gave me a “meh” and told me to send an e-mail or post here.
On 17/05/2016 17:54, TheRealTachyon wrote:
[color=blue]
Currently the newest version of OpenSSL shipped with any SLES release is
1.0.1x however, OpenSSL devs have encouraged customers to migrate to
1.0.2. One reason is that 1.0.2 supports ALPN. Why does this matter?
Well, on May 31st, Google will push out a Chrome update that will use
ALPN to negotiate HTTP/2 connections instead of HTTP/1.x. If you’re
thinking “who cares?” then just move along. But for those that rely of
the optimizations of HTTP/2 in their applications, this will be a BIG
deal. This is particularly going to affect people running multiple JeOS
containers. Currently it appears that only Ubuntu 16.04LTS has
migrated to OpenSSL 1.0.2x by including 1.0.2g. I’d rather poke myself
in the eye than use Ubuntu in an Enterprise environment (or any
environment for that matter) but this -will- be an issue for users,
developers, and those of us trying to get customers to stay on or
migrate to SLES over other vendor solutions.
IMO, SUSE needs to migrate all currently supported SLES releases to
OpenSSL 1.0.2x and release the update before the end of the month.
More info here:
‘The day Google Chrome disables HTTP/2 for nearly everyone: May 31st, 2016’
(The Day Google Chrome disables HTTP/2 for nearly everyone)
BTW, I tried bringing this issue to SUSE’s attention on the Enterprise
support line, but they basically gave me a “meh” and told me to send an
e-mail or post here.[/color]
Let me ask my contacts at SUSE. I’ll post back when I hear something.
HTH.
Simon
SUSE Knowledge Partner