From 47832d783d6da90bb48d252567ad2f81221043b2 Mon Sep 17 00:00:00 2001
From: Alexandre Gaudreault <alexandre_gaudreault@intuit.com>
Date: Fri, 1 Nov 2024 13:20:39 -0700
Subject: [PATCH] Update server/server.go

Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
Signed-off-by: Alexandre Gaudreault <alexandre_gaudreault@intuit.com>
---
 server/server.go | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/server/server.go b/server/server.go
index 656f7989839cc..6625461dfab03 100644
--- a/server/server.go
+++ b/server/server.go
@@ -562,7 +562,10 @@ func (a *ArgoCDServer) Run(ctx context.Context, listeners *Listeners) {
 		// If not matched, we assume that its TLS.
 		tlsl := tcpm.Match(cmux.Any())
 		tlsConfig := tls.Config{
-			// Prefer http/1.1 for HTTPS and HTTP2 for grpc
+			// Advertise that we support both http/1.1 and http2 for application level communication.
+			// By putting http/1.1 first, we ensure that HTTPS clients will use http/1.1, which is the only
+			// protocol our server supports for HTTPS clients. By including h2 in the list, we ensure that
+			// gRPC clients know we support http2 for their communication.
 			NextProtos: []string{"http/1.1", "h2"},
 		}
 		tlsConfig.GetCertificate = func(info *tls.ClientHelloInfo) (*tls.Certificate, error) {