Config:
Running a python (3.9) django (3.2) app on IIS10 Windows server 2019 fully patched.
Using a Let's encrypt wildcard cert with TLS 1.2 as minimum cypher.
ISAPI and .NET are not loaded.
Server is an Azure windows VM with port 443 open. The SSL cert is loaded and working fine and https using Chome is working.
Have run IIScrypto and use best practices with the only change being TLS 1.0 and TLS 1.1 disabled.
StaticContent is enabled.
Both static and dynamic compression are disabled. (However enabling them did not solve the problem).
Application Pool set to 'No managed code' and pipeline 'integrated'
Problem:
Everything works fine until I try to enable HTTP/2 by unchecking 'Disable HTTP/2 in the port 443 bindings. Port 80 (http) is disabled.
Logging:
Fields: date time cs-method cs-uri-stem cs-uri-query s-port c-ip cs-version cs(Referer) cs-host sc-status sc-substatus sc-bytes cs-bytes time-taken
With HTTP/2 enabled:
2021-08-15 16:12:58 GET /favicon.ico - 443 172.70.114.30 HTTP/2 https://xxxx/add.png?1629043803015 public.xxxx.com 200 0 0 906 2
Without HTTP/2 enabled:
2021-08-15 16:13:32 GET /favicon.ico - 443 172.70.114.30 HTTP/1.1 https://xxxx/add.png?1629043803015 public.xxxx.com 200 0 680 941 164
Both return a 200 status, however the HTTP/2 returns 0 bytes and the HTTP/1.1 returns the correct 680 bytes.
No settings or code was changed between the two runs except the 'Disable HTTP/2' setting.
No error logged in Event Logs
Questions:
Do I need ISAPI or .NET to get HTTP/2 to work correctly?
Is there another setting I am missing?
Thanks for any help.