Nginx 1.25.2 HTTP/3 works over CURL, but doesn't work in any browser

Question

I am trying to configure nginx 1.25.2 with HTTP/3 support on Ubuntu 22.04. I build it using BoringSSL library. But when I try to connect to my server using browser, I don't get anything.("Unable to connect" in Firefox and "This site can't be reached" in Chrome for example).

Here is nginx -V output:

built with OpenSSL 1.1.1 (compatible; BoringSSL) (running with BoringSSL) 
TLS SNI support enabled configure arguments: 
--prefix=/etc/nginx --with-http_ssl_module --with-http_v2_module --with-debug 
--with-http_v3_module --with-cc-opt=-I../boringssl/include 
--with-ld-opt='-L../boringssl/build/ssl -L../boringssl/build/crypto'

Here is my server part in nginx.conf:

 server {
        #listen 443 ssl 
        #http2 on;
        listen 443 quic reuseport;
        server_name  example_myserver;
        ssl_certificate cert.pem;
        ssl_certificate_key key.pem;
        ssl_protocols TLSv1.3;
        location / {
            add_header Alt-Svc 'h3=":443"; ma=86400';
            root   html;
            index  index.html index.htm;
        }

Using above config I can get HTTP/3 response using http3 curl:

HTTP/3 200 
server: nginx/1.25.2
date: Wed, 23 Aug 2023 08:12:55 GMT
content-type: text/html
content-length: 615
last-modified: Tue, 22 Aug 2023 14:25:41 GMT
etag: "64e4c565-267"
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes

and using https://github.com/cloudflare/quiche http3client tool I get this:

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

But when I reach the same server via browser, nothing there("Unable to connect" in Firefox and "This site can't be reached" in Chrome). UFW is turned off completely. By the way, http1 and http2 works without any problem. Maybe someone had similar problem and could help me or maybe I missed something? I will be grateful for any useful info.

"nothing there" is not a good description of what actually happenned. — symcbean, Aug 23 '23 at 08:57
"Unable to connect" in Firefox(as I wrote at the start) and "This site can't be reached" in Chrome — Sanch3s, Aug 23 '23 at 09:18
These will connect using HTTP/1.1 over TCP before trying HTTP/3 whereas I believe the successful clients both attempt Quic only. You need to uncomment `#listen 443 ssl` — symcbean, Aug 23 '23 at 13:58
If I uncomment `#listen 443 ssl` It connects only over HTTP/1.1 — Sanch3s, Aug 25 '23 at 07:04
Yes the FIRST request from a browser is always made using HTTP/1.1 - open your webdeveloper tools and see what happens after that. — symcbean, Aug 27 '23 at 19:44
I refresh it multiple times, nothing changes. The cache is disabled btw — Sanch3s, Aug 28 '23 at 08:57

Nginx 1.25.2 HTTP/3 works over CURL, but doesn't work in any browser

0 Answers0