Use HTTP/2 and SSL with MeiliSearch

    Therefore, you will see how to launch a MeiliSearch server with SSL. This tutorial gives a short introduction to do it locally, but you can as well do the same thing on a remote server.

    First of all, you need the binary of MeiliSearch, or you can also use docker. In the latter case, it is necessary to pass the parameters using environment variables and the SSL certificates via a volume.

    A tool to generate SSL certificates is also required. In this How To, you will use mkcert (opens new window). However, if on a remote server, you can also use certbot or certificates signed by a Certificate Authority.

    Then, use to do requests. It is a simple way to specify that you want to send HTTP/2 requests by using the --http2 option.

    And then, send a request.

    1. curl -kvs --http2 --request GET 'http://localhost:7700/indexes'

    You will get the following answer from the server:

    1. *   Trying ::1...
    2. * TCP_NODELAY set
    3. * Connection failed
    4. * connect to ::1 port 7700 failed: Connection refused
    5. *   Trying 127.0.0.1...
    6. * TCP_NODELAY set
    7. > GET /indexes HTTP/1.1
    8. > Host: localhost:7700
    10. > Accept: */*
    11. > Connection: Upgrade, HTTP2-Settings
    12. > Upgrade: h2c
    13. > HTTP2-Settings: AAMAAABkAARAAAAAAAIAAAAA
    14. >
    15. < HTTP/1.1 200 OK
    16. < content-type: application/json
    17. < date: Fri, 17 Jul 2020 11:01:02 GMT
    18. <
    19. * Connection #0 to host localhost left intact

    You can see on line > Connection: Upgrade, HTTP2-Settings that the server tries to upgrade to HTTP/2, but is unsuccessful.
    The answer < HTTP/1.1 200 OK indicates that the server still uses HTTP/1.

    Try to use HTTP/2 with SSL

    This time, start by generating the SSL certificates. mkcert creates two files: 127.0.0.1.pem and 127.0.0.1-key.pem.

    1. ./meilisearch --ssl-cert-path ./127.0.0.1.pem --ssl-key-path ./127.0.0.1-key.pem

    Next, make the same request as above but change http:// to https://.

    1. curl -kvs --http2 --request GET 'https://localhost:7700/indexes'

    You will get the following answer from the server:

    You can see that the server now supports HTTP/2.

    1. * Using HTTP2, server supports multi-use
    2. * Connection state changed (HTTP/2 confirmed)

    The server successfully receives HTTP/2 requests.