Hello all, I played around with nginx-quic branch, following the blog post here https://www.nginx.com/blog/our-roadmap-quic-http-3-support-nginx/
I have trouble to get my browser to use http3 with the server. I checked with CURL http3 enabled - there it works when providing the http3 option, it does not when using --alt-svc option. I assume it's a configuration issue, or an issue with self-signed certificates, ... What did I do: 1. Build Docker (copy from blogpost) and generate self signed certs. ``` COPY ./nginx/csr.conf /root/csr.conf COPY ./nginx/cert.pass /etc/keys/cert.pass # generate self signed certificate RUN openssl genrsa -aes128 -passout "pass:supersecure" -out ca.key 4096 RUN openssl req -new -config csr.conf -key ca.key -out ca.csr -passin "pass:supersecure" RUN openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt -passin "pass:supersecure" # copy them to /etc/ssl/ RUN cp ca.crt /etc/ssl/certs/ RUN cp ca.key /etc/ssl/private/ RUN cp ca.csr /etc/ssl/private/ # setup ssl config COPY ./nginx/ssl.conf /etc/nginx/conf.d/ssl.conf EXPOSE 80 443 ``` 2. Run the Docker with docker run -it --rm -p 443:443/udp -p 443:443/tcp nginx_quic Testing: Using HTTP3 enabled curl ends up in: ``` curl -k -vvv --alt-svc altsvc.cache https://localhost:443 * Trying 127.0.0.1:443... * TCP_NODELAY set * Connected to localhost (127.0.0.1) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/ssl/certs/ca-certificates.crt CApath: /etc/ssl/certs * TLSv1.3 (OUT), TLS handshake, Client hello (1): * OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to localhost:443 * Closing connection 0 curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to localhost:443 ``` using http3 option on curl works as expected: ``` ./curl -v --http3 https://localhost:443/ * Trying 127.0.0.1:443... * Connect socket 5 over QUIC to 127.0.0.1:443 * Connected to localhost () port 443 (#0) * Using HTTP/3 Stream ID: 0 (easy handle 0x55c46567b290) > GET / HTTP/3 > Host: localhost > user-agent: curl/7.79.0-DEV > accept: */* > * ngh3_stream_recv returns 0 bytes and EAGAIN < HTTP/3 200 < server: nginx/1.21.3 < date: Tue, 14 Sep 2021 22:21:26 GMT < content-type: text/html < content-length: 615 < last-modified: Tue, 07 Sep 2021 15:21:03 GMT < etag: "6137835f-267" < alt-svc: h3=":443"; ma=2592000 < quic-status: quic < x-quic: quic < accept-ranges: bytes ```` Any Idea how to solve this? Best J.
_______________________________________________ nginx-devel mailing list nginx-devel@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx-devel
