Nginx v1.25.1 http2 on; new recommendation creating another warn

Question

Here is my website conf (using nginx v1.25.1):

# Redirect to https
server {
    listen 80;
    server_name domain.name www.domain.name;
    
    location ^~ /.well-known/acme-challenge/ {
        root /acme-challenge; # Make sure this path is correct
        allow all;
    }

    location / {
        return 301 https://www.domain.name/$request_uri;
    }
}

# Redirect from HTTPS non-www to HTTPS www
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    http2 on;
    server_name domain.name;

    # SSL configuration
    ssl_certificate     /ssl/live/domain.name/fullchain.pem;
    ssl_certificate_key /ssl/live/domain.name/privkey.pem;

    location ^~ /.well-known/acme-challenge/ {
        root /acme-challenge; # Make sure this path is correct
        allow all;
    }

    location / {
        return 301 https://www.domain.name/$request_uri;
    }
}

# Redirect to the specific path
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    http2 on;
    server_name www.domain.name;

    # SSL configuration
    ssl_certificate     /ssl/live/domain.name/fullchain.pem;
    ssl_certificate_key /ssl/live/domain.name/privkey.pem;

    location ^~ /.well-known/acme-challenge/ {
        root /acme-challenge; # Make sure this path is correct
        allow all;
    }

    location / {
        return 301 https://www.other.domain.name/app/;
    }

}

I use to use listen 443 ssl hhtp2; but I got these warnings:

nginx: [warn] the "listen ... http2" directive is deprecated, use the "http2" directive instead in /etc/nginx/sites-enabled/domain.name:14
nginx: [warn] the "listen ... http2" directive is deprecated, use the "http2" directive instead in /etc/nginx/sites-enabled/domain.name:30

Then I searched and found this: https://www.nginx.com/blog/nginx-plus-r30-released/

Which tells us this:

Change this:

listen 443 ssl http2;

To this:

listen 443 ssl;
http2 on;

But now I have this warning:

nginx: [warn] protocol options redefined for 0.0.0.0:443 in /etc/nginx/sites-enabled/domain.name:20

I think it's not a big deal but I'd like to remove all warnings and I found nothing with Google or ChatGPT.

Answer 1

When I rewrite the configuration files of each website one by one, I also encounter the error message: "protocol options redefined"

But when I changed all my websites to "http2 on;", the error message disappeared

So there may be other places where the setting is still "listen 443 ssl http2;", and the number of lines pointed to by the error message may not necessarily be problematic.

Answer 2

I changed all configs, including /etc/nginx/conf.d/default.conf, even though it shouldn't actually get used.

I executed: (from /etc/nginx/sites-available/)

sed -i 's/listen 443 ssl http2;/listen 443 ssl;/' *.conf
sed -i 's/listen \[::\]:443 ssl http2;/listen \[::\]:443 ssl;\nhttp2 on;/' *.conf

So that...

This:

listen 443 ssl http2;
listen [::]:443 ssl http2;

Became this: (worked all the time)

listen 443 ssl;
listen [::]:443 ssl;
http2 on;

Then no more errors and no more broken sites.

---

FYI

This line (above) listen [::]:443 ssl; in the solution seemed to be optional most of the time.

Maybe: (worked most of the time, but not always)

listen 443 ssl;
http2 on;