apache reverse proxy http2 to https

Question

EDIT: I figured out the issue

I didn't have the http2 module turned on, so enabling http2 on the edge wasn't working. I don't need http2 communication between apache and my node servers, as there is no HTTP connection limit between servers.

This guide has all the details:

https://docs.bitnami.com/aws/apps/trac/administration/enable-http2-apache/

ORIGINAL QUESTION:

I am using apache on aws bitnami as a reverse proxy for a set of node servers. The vhost configuration is as follows:

<VirtualHost *:443>
    SSLProxyEngine on
    ServerName staging.website.com
    ProxyRequests off
    Protocols h2 h2c http/1.1

    Header add Set-Cookie "ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED
    <Proxy balancer://httpBalancer>
      BalancerMember http://127.0.0.1:2001 route=1
      BalancerMember http://127.0.0.1:2002 route=2

      Order Deny,Allow
      Deny from none
      Allow from all

      ProxySet lbmethod=bybusyness
      ProxySet stickysession=ROUTEID
    </Proxy>

    <Proxy balancer://wsBalancer>
      BalancerMember ws://127.0.0.1:2001 route=1
      BalancerMember ws://127.0.0.1:2002 route=2

      Order Deny,Allow
      Deny from none
      Allow from all

      ProxySet lbmethod=bybusyness
      ProxySet stickysession=ROUTEID
    </Proxy>

    #RewriteEngine On
    #RewriteCond %{HTTP:Upgrade}  =websocket                     [NC]
    #RewriteRule /updates         balancer://wsBalancer/updates  [P,L]

    ProxyPass /updates balancer://wsBalancer/updates
    ProxyPass / balancer://httpBalancer/
    ProxyPassReverse / balancer://httpBalancer
    ProxyPassReverse /updates balancer://wsBalancer/updates
    ProxyPreserveHost On
    SSLEngine on
    SSLCertificateFile "/opt/bitnami/apache2/conf/server.crt"
    SSLCertificateKeyFile "/opt/bitnami/apache2/conf/server.key"

    SetEnvIfNoCase Origin "https?://(www\.)?(stripe\.com|js\.stripe\.com)(:\d+)?$" ACAO=$0
    Header set Access-Control-Allow-Origin %{ACAO}e env=ACAO
    Header set Access-Control-Allow-Credentials "true" env=ORIGIN
    Header set Content-Security-Policy "frame-ancestors *.quikstrike.net;"
    # Always set Vary: Origin when it's possible you may send CORS headers
    Header merge Vary Origin
</VirtualHost>

I would like to enable the apache server to accept http2 connections from web browser clients, in order to take advantage of its full multiplexing. It does not matter to me whether or not the requests to the node servers are https, http or http2. Is this possible? I am open to solutions that involve switching to nginx or using an AWS load balancer if those are the only option, but I really need http2's full multiplexing

Answer 1

(This answer is also in an edit to the original question)

I didn't have the http2 module turned on, so enabling http2 on the edge wasn't working. I don't need http2 communication between apache and my node servers, as there is no HTTP connection limit between servers.

This guide has all the details:

https://docs.bitnami.com/aws/apps/trac/administration/enable-http2-apache/