我已经通过嵌入式 Jetty 添加了对 HTTP/3 的支持。但浏览器不使用它。在浏览器的开发控制台中,我只看到对我的服务器的 HTTP/2 请求。
Alt-Svc: h3=":443"
。对我来说看起来不错。Chrome 不使用 HTTP/3 可能有哪些原因?
如何在非公共服务器上测试 HTTP/3 功能,因为它正在开发中?
通过 docker 镜像中的curl,我得到了一些诊断信息。我跑:
docker run --rm --add-host=my.domain.com:10.10.7.13 ymuski/curl-http3 curl --http3 --verbose https://my.domain.com/
并与谷歌进行比较:
docker run --rm ymuski/curl-http3 curl --http3 --verbose https://www.google.com/
我的输出是:
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: none
* Trying 10.10.7.13:443...
* Connected to my.domaine.com (10.10.7.13) port 443
* ALPN: offers h2,http/1.1
} [5 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: none
{ [5 bytes data]
* TLSv1.2 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [45 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [4030 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [264 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [36 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [36 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN: server accepted h2
* Server certificate:
* subject: CN=*.internal.inetsoftware.de
* start date: Oct 3 10:15:24 2023 GMT
* expire date: Jan 1 10:15:23 2024 GMT
* subjectAltName: host "my.domaine.com" matched cert's "*.domaine.com"
* issuer: C=US; O=Let's Encrypt; CN=R3
* SSL certificate verify ok.
} [5 bytes data]
* using HTTP/2
* h2 [:method: GET]
* h2 [:scheme: https]
* h2 [:authority: my.domaine.com]
* h2 [:path: /]
* h2 [user-agent: curl/8.2.1-DEV]
* h2 [accept: */*]
* Using Stream ID: 1
} [5 bytes data]
> GET / HTTP/2
> Host: my.domaine.com
> User-Agent: curl/8.2.1-DEV
> Accept: */*
Google 的输出是:
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: none
* subjectAltName: host "www.google.com" matched cert's "*.google.com"
* Connected to www.google.com (142.250.184.196) port 443
* using HTTP/3
* Using HTTP/3 Stream ID: 0
> GET / HTTP/3
> Host: www.google.com
> User-Agent: curl/8.2.1-DEV
> Accept: */*
ALPN 似乎有问题。
编辑:问题是缺少乳蛋饼库。码头就简单地没有响应。