We are running servers which run multiple processes each, who in turn currently communicate with each other using HTTP (Using 1-2 physical servers per client, and there are multiple clients with separate servers).
The servers are hosted locally per client.
We're thinking of migrating our nginx service, which is serving static files (multiple images, videos), to HTTP/2, in order to speed things up, as it is very common to request 1000 images at a time, which is an area where HTTP/2 excels.
For the client side we're using a chromium-based (Electron) client.
A problem arises from the above, where a TLS certificate is required when using HTTP/2 in the version of chromium we're using. Since this is a LAN there's no domain name, and even the IP addresses are not guaranteed to be static.
note: Using TLS is just a bonus, our main goal is to get the latency improvement from HTTP/2.
Is there a way around this?
The solution was to issue a self-signed certificate for a domain, which was added to the hosts file of all affected clients. The certificate authority was manually declared as trusted in all client machines.
For a more general solution, one could use a any DNS resolution option so long as it is consistent across for all clients, and any signed certificate, while a self-signed-signature would require a manual addition of the CA file to all the clients.