Hello, I've just built Nginx Quic with the latest from mercurial and boringSSL
I've copied the basic configuration but I'm having some issues.
Can you help me identifying what I'm missing?
I've tested with latest Firefox which can identify http3 protocol correctly on cloudflare blog for ex.
Thanks.
Here is my nginx -V output
configure arguments: --build=nginx-quic --with-debug --with-http_v3_module --with-http_quic_module --with-stream_quic_module --with-http_ssl_module --with-cc-opt=-I../boringssl/include --with-ld-opt='-L../boringssl/build/ssl -L../boringssl/build/crypto' --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --with-http_v2_module --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --with-pcre --lock-path=/var/lock/nginx.lock --pid-path=/var/run/nginx.pid --with-http_ssl_module --with-http_image_filter_module=dynamic --modules-path=/etc/nginx/modules --with-stream=dynamic --with-http_addition_module --with-http_mp4_module
Here is Curl with http3 enabled result:
curl -k -v --http3 https://xyz
* Trying xx.xx.xx.xx:443...
* Connect socket 5 over QUIC to xx.xx.xx.xx:443
* Sent QUIC client Initial, ALPN: h3,h3-29,h3-28,h3-27
* quiche: recvfrom() unexpectedly returned -1 (errno: 61, socket 5)
* connect to 45.32.250.81 port 443 failed: Connection refused
* Failed to connect to xyz port 443 after 345 ms: Connection refused
* Closing connection 0
curl: (7) quiche: recvfrom() unexpectedly returned -1 (errno: 61, socket 5)
and my .conf server relevant section
root /srv/$host;
listen 443 ssl; # TCP listener for HTTP/1.1
listen 443 http3 reuseport; # UDP listener for QUIC+HTTP/3
# https://codefaq.org/server/how-to-install-http-3-quic-on-nginx-server-for-ubuntu/
# quic_retry on;
# ssl_early_data on;
# http3_max_table_capacity 50;
# http3_max_blocked_streams 30;
# http3_max_concurrent_pushes 30;
# http3_push 10;
# http3_push_preload on;
ssl_protocols TLSv1.3; # QUIC requires TLS 1.3
ssl_certificate /etc/letsencrypt/live/xxxxxx/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/xxxxxx/privkey.pem;
# ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
# include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
# add_header Alt-Svc 'h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400';
add_header Alt-Svc 'h3=":443"'; # Advertise that HTTP/3 is available
add_header QUIC-Status $quic; # Sent when QUIC was used