When talking about ALPN, the thing to remember is that ALPN is a TLS extension negotiation protocol. It’s a negotiator. There’s a Client Hello sending the Cipher Suite it supports and there’s a Server Hello picking which Cipher it’s going to use from that list. If you’re having any issues with HTTP2, it’s important to do a packet capture to see a) what Cipher is being used because it could be using a blacklisted Cipher Suite and b) confirm that the Client and Serer Hello ALPN’s are being sent.
You can check the Cipher Suite Black List:
#Look to see if the Cipher Suite is Black Listed#
You are making sure the Cipher Suite is supported by the product and not black listed.