How to Enable Nginx HTTP/3 and QUIC

Originally posted on Thursday, June 8, 2023 by Joshua James
Last Updated on Sunday, July 16, 2023
Estimated reading time: 4 minutes
Enable Nginx HTTP3 and QUIC

HTTP/3 is the third version of the Hypertext Transfer Protocol (HTTP), which is used for data communication on the World Wide Web. Compared to its predecessor, HTTP/2, HTTP/3 operates over QUIC, a transport layer protocol, instead of TCP. This change reduces latency and improves the browsing experience.

This guide provides detailed instructions on how to enable HTTP/3 on Nginx if you already have it installed and running. We’ll be modifying the Nginx configuration file to ensure that the http2 and http3 modules are enabled in the listen directive, and we’ll add the necessary options to the server block.

Prerequisites:

  • A running Nginx server with Nginx v1.25+ installed.
  • Root or sudo access to the server
  • Basic knowledge of Linux command line and Nginx configuration

Step 1: Accessing and Modifying the Nginx Configuration File

To initiate the process, the configuration file of the Nginx server needs to be accessed. This configuration file is typically located at /etc/nginx/nginx.conf. To access this file, you can use any text editor of your choice. However, for the ease of understanding and simplicity, the demonstration will be carried out using the nano text editor. You can open this file in nano with the following command:

sudo nano /etc/nginx/nginx.conf

Step 2: Modifying the Listen Directive for HTTP/2 and HTTP/3

Once you have opened the configuration file, your next objective is to locate the server block within it. It’s crucial to ensure that the HTTP/2 and HTTP/3 modules are activated in the listen directive.

Your listen directive, after the necessary modifications, should appear as follows:

server {
    listen 80;
    listen [::]:80;
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    listen 443 ssl http3 reuseport;
    listen [::]:443 ssl http3 reuseport;
    ...
}

In the above segment, the listen directive instructs Nginx to monitor the mentioned ports. In this specific context, Nginx is set to listen on ports 80 (HTTP), 443 (HTTPS with HTTP/2), and 443 with HTTP/3 enabled.

Step 3: Incorporating SSL and HTTP/3 Configuration Options

Within the identical server block, you now need to add the SSL configuration options as shown below:

server {
    ...
    ssl_certificate /etc/ssl/certs/your_domain.crt;
    ssl_certificate_key /etc/ssl/private/your_domain.key;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384";
    ssl_prefer_server_ciphers on;

    # Enable QUIC and HTTP/3
    ssl_quic on;
    ssl_early_data on;
    ...
}

Here, /etc/ssl/certs/your_domain.crt and /etc/ssl/private/your_domain.key are placeholders. You need to replace these placeholders with the correct paths to your SSL certificate and private key, respectively. This set of configurations essentially activates QUIC and HTTP/3 on your Nginx server.

Step 4: Saving Changes and Exiting the Editor

After executing the necessary modifications, it’s time to save and close the configuration file. If you are using nano as the text editor, you can simply save and exit by pressing Ctrl+X, followed by Y, and then Enter.

Step 5: Restarting the Nginx Server

In order for the modifications to take effect, you need to restart the Nginx server. You can accomplish this task by using the command given below:

sudo systemctl restart nginx

Step 6: Verifying HTTP/3 Support

Finally, to ensure that your server is properly configured to support HTTP/3, you can use an online testing tool like HTTP/3 Check. All you need to do is enter your domain name and hit “Check”. If the server is correctly set up, you will see a green checkmark that indicates that your server supports HTTP/3.

You can also validate HTTP/3 support by using the curl command along with the --http3 flag as shown below:

curl -I --http3 https://your_domain.com

When HTTP/3 support is correctly configured, you will receive a response that begins with HTTP/3 200, as shown in this hypothetical output:

HTTP/3 200
date: Tue, 07 Jun 2023 14:21:39 GMT
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=86400
...

In the output above, the HTTP/3 200 status code indicates a successful HTTP request. The alt-svc line shows that alternative services are available on this server, including HTTP/3 support on port 443. The value of ma (maximum age) shows how long this information should be cached, in this case, for 86400 seconds (one day).

Final Thoughts on Nginx HTTP/3 and Quic

Enabling HTTP/3 and QUIC on your Nginx server can be a critical step towards optimizing the performance and security of your web applications. This technical guide walked you through the process, demonstrating how to access and modify the Nginx configuration file, alter the Listen Directive for HTTP/2 and HTTP/3, incorporate the necessary SSL and HTTP/3 configurations, save changes, restart the Nginx server, and finally, verify HTTP/3 support.

You may also like:

  1. How to Configure Security Headers in Nginx
  2. How to Enable HTTP Strict Transport Security in Nginx
  3. How to Rate Limit in NGINX
  4. How to Change NGINX Port
  5. How to Configure Upgrade Insecure Requests in Nginx
  6. How to Set Regular Expression in Nginx Location Blocks
  7. How to Redirect URLs in NGINX
  8. How to Create a Reverse Proxy in Nginx
  9. How to Create Rewrite Rules in Nginx
  10. NGINX If Else Directives: Understanding Its Usage

How to Install Falkon Browser on Ubuntu 24.04, 22.04 or 20.04

How to Install Xfce on Debian 12, 11 or 10

If you have any legitimate inquiries, such as article suggestions, don't hesitate to contact LinuxCapable. Kindly ensure that your message is written in the English language.

Contact Us
About Us Copyright Policy Disclaimer Privacy Policy Terms & Conditions Contact Us