<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body style="overflow-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;">Hi,<br id="lineBreakAtBeginningOfMessage"><div><br><blockquote type="cite"><div>On 26 Jun 2024, at 6:15 PM, Riccardo Brunetti Host <riccardo.brunetti@host.it> wrote:</div><br class="Apple-interchange-newline"><div><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><div style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;">Hello.<div><br></div><div>I have a Nginx server which acts as a reverse proxy for a given number of different domains and I’m trying to enable http3 for a subset of them.</div><div><br></div><div>I placed the directives:</div><div><br></div><div><blockquote type="cite"><div> http3 on;</div><div> listen xx.xx.xx.xx:443 default_server quic reuseport;</div><div> quic_retry on;</div></blockquote><br></div><div>in the default.conf file and then, only for those domains which I want http3 enabled I also add in the corresponding virtual host:</div><div><br></div><div><blockquote type="cite"><div> http3 on;</div><div> listen xx.xx.xx.xx:443 quic;</div><div> quic_retry on;</div></blockquote><div><br></div>In the server section and <br><br></div><div><blockquote type="cite"><pre style="padding: 0px; margin-top: 0px; margin-bottom: 0px; font-variant-ligatures: normal; orphans: 2; widows: 2; background-color: rgb(255, 255, 255); text-decoration-thickness: initial;">add_header Alt-Svc 'h3=":8443"; ma=86400';</pre></blockquote><div><br></div></div><div>Inside the location.</div><div><br></div><div>Now, what happens is that if I try to open the sites *with* http3 enabled, everything works as expected. If I try to open a site *without* http3 enabled, sometimes I have an SSL error because the server returns the “default virtual host” certificate.</div><div>It seems related to the type of browser.</div><div><br></div><div>Is it an expected behaviour or I am doing something wrong with the server configuration?</div></div></div></blockquote><div><br></div><div>If you use http/3 to access a virtual server that does not support http/3, the default http/3 server will be used.<br></div><div><br></div><div>Make sure the above add_header does not affect the servers which do not support http/3.</div><div>If it does, this will mislead clients by offering them to switch to unsupported http/3.</div><br><blockquote type="cite"><div><div style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;"><div>Nginx version: nginx/1.26.1 on ubuntu 22.04</div><div><br></div><div>Thanks.</div><div>Riccardo</div></div>_______________________________________________<br>nginx mailing list<br>nginx@nginx.org<br>https://mailman.nginx.org/mailman/listinfo/nginx<br></div></blockquote></div><br><div>
<div dir="auto" style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;"><div>----</div><div>Roman Arutyunyan</div><div>arut@nginx.com</div><div><br></div></div><br class="Apple-interchange-newline"><br class="Apple-interchange-newline">
</div>
<br></body></html>