Even though this website [and the other sites hosted on this server] isn't very sensitive, I try to maintain the highest possible security by using up-to-date and secure software, as well as strong ciphers for the connection.
After all, it's nobody's business what you read here but yours.
I also try to use new technology whenever possible, so it makes sense that I offer HTTP/2 connections.
Unfortunately, it turns out that combining the two isn't always as easy as it should be.
My nginx cipher suite is configured as follows:
ssl_ciphers ECDH+AESGCM:ECDH+AES256:!AES128:!DH:!RSA:!3DES:!aNULL:!MD5:!DSS;
This is generally considered close to ideal security [let me know if you disagree], so I figured it should work with HTTP/2 - which emphasizes security greatly - without any problems.
The issue
Unfortunately, I was wrong. After enabling HTTP/2 in nginx, Firefox failed to connect to the server.
Even worse, it did not display an error message, log an error to the console, or show any issue in the network debugger.
It turns out I had missed that the HTTP/2 standard has a hard requirement on AES-128 support, specifically TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.
Apparently Firefox ...
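A way to check a cipher string against the requirement described above before enabling HTTP/2, as an added example that is not part of the original post. It assumes a Python build linked against OpenSSL, which expands cipher strings with the same syntax nginx passes to OpenSSL; `RELAXED_CIPHERS` and the function names are constructed for illustration and are not the author's final configuration.

```python
import ssl

# OpenSSL's name for TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, the suite named above.
MANDATORY_H2_SUITE = "ECDHE-RSA-AES128-GCM-SHA256"

# The ssl_ciphers value from this page.
PAGE_CIPHERS = "ECDH+AESGCM:ECDH+AES256:!AES128:!DH:!RSA:!3DES:!aNULL:!MD5:!DSS"

# Constructed for comparison (assumption): the same string without "!AES128".
RELAXED_CIPHERS = "ECDH+AESGCM:ECDH+AES256:!DH:!RSA:!3DES:!aNULL:!MD5:!DSS"


def tls12_suites(cipher_string):
    """Expand an OpenSSL cipher string into the TLS 1.2-and-earlier suites it enables."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    # Raises ssl.SSLError if the string selects no cipher at all.
    ctx.set_ciphers(cipher_string)
    # TLS 1.3 suites are configured separately from this string and are
    # always listed by get_ciphers(), so leave them out of the result.
    return [c["name"] for c in ctx.get_ciphers() if c["protocol"] != "TLSv1.3"]


def offers_mandatory_h2_suite(cipher_string):
    """True if the string keeps the suite HTTP/2 requires over TLS 1.2."""
    return MANDATORY_H2_SUITE in tls12_suites(cipher_string)


def report(cipher_string):
    """Return a short human-readable audit of one cipher string."""
    suites = tls12_suites(cipher_string)
    status = "present" if MANDATORY_H2_SUITE in suites else "MISSING"
    lines = [f"{cipher_string}", f"  {MANDATORY_H2_SUITE}: {status}"]
    lines += [f"  enabled: {name}" for name in suites]
    return "\n".join(lines)


if __name__ == "__main__":
    for candidate in (PAGE_CIPHERS, RELAXED_CIPHERS):
        print(report(candidate))
        print()
```

The result depends on the local OpenSSL version, so run it with the same OpenSSL build the web server uses.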