IIS: Configure for HTTP/2

Configure ISAPI to use HTTP/2 protocol.

The HTTP/2 protocol has enhancements that improve the speed in which pages load in web browsers. The HTTP/2 protocol is available over unencrypted (http://) and encrypted (https://) channels, but most major browsers only support use of HTTP/2 over HTTPS. Therefore, you need to ensure HTTPS is enabled on your server.

Ensure your IIS is IIS 10 or greater.

Follow this procedure to enable HTTPS on Windows® 10 by adding an SSL certificate for your IIS web site. By default HTTP/2 is then enabled.
Note:

This example uses a self-signed certificate. This is for demonstrative purposes only. A self-signed certificate is not recommended for protecting your production sites.

  1. After installing IIS, launch the Internet Services Manager and create a self-signed certificate by selecting the Server Certificates option under the server's Features view. Double click the Server Certificates option to open the feature.
    Figure: Internet Information Services (IIS) server certificate feature

    Internet Information Services (IIS) Manager Features View showing the Server Certificate option selected
  2. Click Create Self-Signed Certificate .... In the Create Self-Signed Certificate dialog that opens, enter a name for the certificate.
    Figure: Internet Information Services (IIS) create self -signed certificate feature

    Internet Information Services (IIS) Manager Features View showing the create Self-Signed Certificate dialog
    The certificate is created and appears in the list of Server Certificates in the Features view.
  3. Go to your Default Web Site to create a new Transport Layer Security (TLS) binding with the self-signed certificate which you just created.
    Figure: Internet Information Services (IIS) create bindings for the default website

    Internet Information Services (IIS) Manager Features View showing the steps for binding the default Web site for HTTPS using a self-signed certificate
    1. In the Actions area, click Bindings... to open the Site Bindings dialog.
    2. In the Site Bindings dialog, click Add... to open the Add Site Binding dialog.
    3. Select the Https option from the Type list.

      The SSL certificate list and other TLS options appear only when you select HTTPS from the Type list. The HTTP/2 option is enabled by default. Accept this default and all other defaults.

    4. Select your self-signed certificate from SSL certificate list.
      Click OK to save your changes and close the dialog.
      The Site Bindings dialog now shows your new configuration for HTTPS.
      Figure: Internet Information Services (IIS) site bindings

      Internet Information Services (IIS) Manager Features View showing the site binding for the default Web site for HTTPS on the default port 443
  4. Verify the HTTP version is HTTP/2. Open a browser from your machine and enter the URL: https://localhost.
    The IIS welcome screen displays. Press the F12 key, (or go to Settings and enable Developer Tools), and then switch to the Network tab.
    Note:

    Some browsers may not yet support use of HTTP/2. This screenshot is from Mozilla Firefox, showing HTTP version information in the Headers tab.

    Figure: Verifying HTTP/2 on browser

    IIS default web site open on browser with developer tools showing header for HTTP version as HTTP/2