Issue Summary

Upon implementing a CDN solution for Data Center installation, despite meeting all criteria described at HTTP2 health check fails in Data Center when configuring CDN you still receive a warning that "HTTP/2 required":

This is reproducible on Data Center: (yes)

Steps to Reproduce

Create Jira Data Center installation and configure CDN

Expected Results

Since all requirements are met, the healthcheck should be positive

Actual Results

Despite the fact that all required content is served using HTTP/2 and no such traffic is blocked by the firewall, still, this healthcheck will identify that HTTP/2 configuration is required.

As per the current (Jira 9.11) health check implementation, Jira will verify the value of nextHopProtocol for .../health-checks-test/health-checks/test-img.png resource. In case it is not server using HTTP/2 (or "h2") it will lead to failure of this healthcheck.

However, in case of cross-origin requests the value of nextHopProtocol property will be empty leading to a false-positive failure of this health check.

Workaround

You could configure your CDN response headers policy to add Timing-Allow-Origin HTTP header

Timing-Allow-Origin: *

According to nextHopProtocol property description, this header is required for cross-origin requests to expose cross-origin network protocol information.