<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto">Hi,<div><br></div><div>the config file is from the nginx quic repository and from the blog post. It should work for every client that implements at least the 29 draft.</div><div><br></div><div>Best,</div><div>Manuel</div><div><br><div dir="ltr"><br>Am 11.10.2020 um 23:15 schrieb HARISH KUMAR Ivaturi <<a href="mailto:harishkumarivaturi@gmail.com">harishkumarivaturi@gmail.com</a>>:<br><br></div><blockquote type="cite"><div dir="ltr"><div dir="ltr">Hi Manuel <div><br></div><div>Thank you for the solution. I think it is a configuration file related with Google Chrome Canary browser.</div><div>Does the same config file work if I want to get a response in the terminal using curl command.</div><div>command used:</div><div><br></div><div>curl -k -v --http3 "<a href="https://127.0.0.1:443">https://127.0.0.1:443</a>"<br></div><div><br></div><div>And the reason why i need a proper config file is , later i want to make OpenStack rely with nginx (with HTTP/3) web server so there could be an interaction between them. I hope you understand.</div><div><br></div><div>I sincerely thank you for your reply, but if it works for this Cloud then it would be helpful.</div><div><br></div><div>BR</div><div>Harish Kumar</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Oct 12, 2020 at 1:07 AM Manuel <<a href="mailto:manuel.baesler@gmail.com">manuel.baesler@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="auto"><div dir="ltr"><span></span></div><div dir="ltr"><div dir="ltr"><span></span></div><div dir="ltr">Hi,<div><br></div><div>please recompile nginx with the latest version of boring and nginx. Probably also with minus minus prefix set to /etc/nginx</div><div>2nd step would be to find out which exact nginx binary the cmd '<span style="background-color:rgba(255,255,255,0)">service nginx restart' is executing. Alternative would be to execute the compiled binary directly.</span></div><div><span style="background-color:rgba(255,255,255,0)"><br></span></div><div><span style="background-color:rgba(255,255,255,0)">I tried it out today and so far nginx and Google Chrome Canary with enabled quic h3-29 draft are talking http3 via quic.</span></div><div><span style="background-color:rgba(255,255,255,0)"><br></span></div><div><span style="background-color:rgba(255,255,255,0)">This is the config:</span></div><div><span style="background-color:rgba(255,255,255,0)"><br></span></div><div><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)">events {}</span></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> http {</span></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> log_format quic '$remote_addr - $remote_user [$time_local] '</span></p><p class="MsoNormal" style="margin:0in"><u></u> <u></u></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> '"$request" $status $body_bytes_sent '</span></p><p class="MsoNormal" style="margin:0in"><u></u> <u></u></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> '"$http_referer" "$http_user_agent" "$quic" "$http3"';</span></p><p class="MsoNormal" style="margin:0in"><u></u> <u></u></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> access_log logs/access.log quic;</span></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> error_log logs/error.log debug;</span></p><p class="MsoNormal" style="margin:0in"><u></u> <u></u></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> server {</span></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> root /var/www/html;</span></p><p class="MsoNormal" style="margin:0in"><u></u> <u></u></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> server_name xyz ;</span></p><p class="MsoNormal" style="margin:0in"><u></u> <u></u></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> # for better compatibility it's recommended</span></p><p class="MsoNormal" style="margin:0in"><u></u> <u></u></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> # to use the same port for quic and https</span></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> listen 443 http3 reuseport;</span></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> listen 443 ssl;</span></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> ssl_protocols TLSv1.3;</span></p><p class="MsoNormal" style="margin:0in"><u></u> <u></u></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> ssl_certificate ...</span></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> ssl_certificate_key ...</span></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot</span></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot</span></p><p class="MsoNormal" style="margin:0in"><u></u> <u></u></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> location / {</span></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> # required for browsers to direct them into quic port</span></p><p class="MsoNormal" style="margin:0in"><u></u> <u></u></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> add_header X-http3-status "http3 is $http3";</span></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> add_header X-quic-status "quic is $quic";</span></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> add_header Alt-Svc '$http3=":443"; ma=86400';</span></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> # add_header Alt-Svc 'quic=":443"';</span></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> }</span></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> }</span></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"> }</span></p><p class="MsoNormal" style="margin:0in"><span style="background-color:rgba(255,255,255,0)"><br></span></p></div><div><div dir="ltr"><br>Am 10.10.2020 um 15:23 schrieb HARISH KUMAR Ivaturi <<a href="mailto:harishkumarivaturi@gmail.com" target="_blank">harishkumarivaturi@gmail.com</a>>:<br><br></div><blockquote type="cite"><div dir="ltr"><div dir="ltr">Hi Manuel <div><br></div><div>I am not sure if you remember but with your help i have installed Nginx with HTTP/3 by installing boringssl.</div><div>After all the process done you have suggested me to do </div><div>sudo cp objs/nginx /usr/local/bin/</div><div><br></div><div>So now.</div><div><br></div><div><br></div><div>$ nginx -V<br>nginx version: nginx/1.19.1<br>built by gcc 7.5.0 (Ubuntu 7.5.0-3ubuntu1~18.04) <br>built with OpenSSL 1.1.0 (compatible; BoringSSL) (running with BoringSSL)<br>TLS SNI support enabled<br>configure arguments: --with-debug --with-http_v3_module --with-cc-opt=-I../boringssl/include --with-ld-opt='-L../boringssl/build/ssl -L../boringssl/build/crypto'<br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, Oct 10, 2020 at 5:18 PM Manuel <<a href="mailto:manuel.baesler@gmail.com" target="_blank">manuel.baesler@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="auto">Hi,<div><br></div><div>can you verify that the nginx binary that is using the http3 config is the nginx that can do http3?</div><div>For this you have to locate the systemd file that starts the nginx server and then look into the file to which path the executable point. Then run minus minus version on the binary.</div><div><div dir="ltr"><br>Am 10.10.2020 um 15:04 schrieb HARISH KUMAR Ivaturi <<a href="mailto:harishkumarivaturi@gmail.com" target="_blank">harishkumarivaturi@gmail.com</a>>:<br><br></div><blockquote type="cite"><div dir="ltr"><div dir="ltr">Hi <div><br></div><div>I have installed nginx with http/3 with mercurial. </div><div>I just need a proper default.conf which is located in /etc/nginx/conf.d and in default.conf</div><div><br></div><div>BR</div><div>Harish Kumar</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, Oct 10, 2020 at 5:00 PM Maxim Konovalov <<a href="mailto:maxim@nginx.com" target="_blank">maxim@nginx.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On 10.10.2020 17:56, HARISH KUMAR Ivaturi wrote:<br>
> Hi<br>
> <br>
> Sorry, this is my final default.conf<br>
> <br>
> server {<br>
> listen 443 ssl; # TCP listener for HTTP/1.1<br>
> listen 443 http3 reuseport; # UDP listener for QUIC+HTTP/3<br>
> server_name localhost;<br>
> ssl_protocols TLSv1.3; # QUIC requires TLS 1.3<br>
> ssl_certificate cert.crt;<br>
> ssl_certificate_key cert.key;<br>
> <br>
> add_header Alt-Svc 'quic=":443"'; # Advertise that QUIC is available<br>
> add_header QUIC-Status $quic; # Sent when QUIC was used<br>
> }<br>
> <br>
> after this i run <br>
> curl -k --http3 -v "<a href="https://127.0.0.1:443" rel="noreferrer" target="_blank">https://127.0.0.1:443</a>"<br>
> <br>
> And in another terminal i have my <br>
> sudo tail -f /var/log/nginx/error.log<br>
> <br>
> 2020/10/10 14:45:24 [emerg] 25485#25485: invalid parameter "http3" in<br>
> /etc/nginx/conf.d/default.conf:3<br>
> <br>
> Help me with this issue.<br>
> <br>
You probably complied nginx from the vanilla repo while you should take<br>
it from this one:<br>
<br>
<a href="https://hg.nginx.org/nginx-quic/file/quic" rel="noreferrer" target="_blank">https://hg.nginx.org/nginx-quic/file/quic</a><br>
<br>
See <a href="https://quic.nginx.org/" rel="noreferrer" target="_blank">https://quic.nginx.org/</a> for more information.<br>
<br>
-- <br>
Maxim Konovalov<br>
</blockquote></div>
</div></blockquote><blockquote type="cite"><div dir="ltr"><span>_______________________________________________</span><br><span>nginx-devel mailing list</span><br><span><a href="mailto:nginx-devel@nginx.org" target="_blank">nginx-devel@nginx.org</a></span><br><span><a href="http://mailman.nginx.org/mailman/listinfo/nginx-devel" target="_blank">http://mailman.nginx.org/mailman/listinfo/nginx-devel</a></span></div></blockquote></div></div>_______________________________________________<br>
nginx-devel mailing list<br>
<a href="mailto:nginx-devel@nginx.org" target="_blank">nginx-devel@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx-devel" rel="noreferrer" target="_blank">http://mailman.nginx.org/mailman/listinfo/nginx-devel</a></blockquote></div>
</div></blockquote><blockquote type="cite"><div dir="ltr"><span>_______________________________________________</span><br><span>nginx-devel mailing list</span><br><span><a href="mailto:nginx-devel@nginx.org" target="_blank">nginx-devel@nginx.org</a></span><br><span><a href="http://mailman.nginx.org/mailman/listinfo/nginx-devel" target="_blank">http://mailman.nginx.org/mailman/listinfo/nginx-devel</a></span></div></blockquote></div></div></div></div>_______________________________________________<br>
nginx-devel mailing list<br>
<a href="mailto:nginx-devel@nginx.org" target="_blank">nginx-devel@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx-devel" rel="noreferrer" target="_blank">http://mailman.nginx.org/mailman/listinfo/nginx-devel</a></blockquote></div>
</div></blockquote><blockquote type="cite"><div dir="ltr"><span>_______________________________________________</span><br><span>nginx-devel mailing list</span><br><span><a href="mailto:nginx-devel@nginx.org">nginx-devel@nginx.org</a></span><br><span><a href="http://mailman.nginx.org/mailman/listinfo/nginx-devel">http://mailman.nginx.org/mailman/listinfo/nginx-devel</a></span></div></blockquote></div></body></html>