I have a web application written in Go and load balanced by HAProxy. HAProxy also handles SSL/TLS termination. Currently the responses are all HTTP/1.1 and I'd like them to be HTTP/2. I've tried various things in haproxy.conf, but haven't been able to get it working.
I'm able to get a standalone Go server that handles its own SSL termination to use HTTP/2, but it looks like all current browsers only support HTTP/2 over TLS. Does this mean that I need to handle the SSL termination at the web app itself? Or is there some workaround that I don't know about so that I can continue terminating SSL at the load balancer and still use HTTP/2?
It looks like this is impossible, but I'm hoping there is a way to do it since otherwise I need to deal with SSL certificates at each web application rather than just at the load balancer.
Or is there some workaround that I don't know about so that I can continue terminating SSL at the load balancer and still use HTTP/2?
If I've got you right, you need a HTTP/2 aware load balancer which can proxy your requests to your application. You may use nginx. It can excellent do http2 termination, load balancing and many other things. So probably you may not need haproxy at all. However haproxy is useful if you want some advanced features like sticky sessions. Nginx also can do them, but only in a commercial version.
Here's an article (in Google cache) how to setup nginx + haproxy.