Can't make QUIC work

Hi, have you found the solution yet?
I tried matt.life in my Chrome with no plug-ins, with QUIC enabled,
but when I access matt.life, it shows that it is running on the HTTP2 protocol, not QUIC!
But when I access quictranfer.com, it actually shows that it is running QUIC.
So what is the problem, really?
I run caddy with -quic on the command line and the response headers include
alt-svc:quic=":443"; ma=2592000; v="36,35,34"
alternate-protocol:443:quic
But I could only find it running HTTP2 with self-signed CA.

Still at a loss :sweat:
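
Added example, not part of the original posts and not Caddy's own code: a small Python parser for the `alt-svc` header quoted above, showing exactly what the server advertises (protocol, port, cache lifetime, QUIC versions). The function names are hypothetical, and the sample is the header from the post with its quotes normalised to ASCII.

```python
# Constructed sample: the two response headers quoted in the post above.
SAMPLE_HEADERS = {
    "alt-svc": 'quic=":443"; ma=2592000; v="36,35,34"',
    "alternate-protocol": "443:quic",
}

def _split_outside_quotes(text, sep):
    """Split on sep, ignoring separators inside double-quoted strings."""
    parts, buf, quoted = [], [], False
    for ch in text:
        if ch == '"':
            quoted = not quoted
        if ch == sep and not quoted:
            parts.append("".join(buf).strip())
            buf = []
        else:
            buf.append(ch)
    parts.append("".join(buf).strip())
    return [p for p in parts if p]

def parse_alt_svc(value):
    """Parse an Alt-Svc value into a list of alternative-service dicts."""
    services = []
    # v="36,35,34" holds commas, so a plain value.split(",") would break here.
    for alt in _split_outside_quotes(value, ","):
        fields = _split_outside_quotes(alt, ";")
        proto, _, authority = fields[0].partition("=")
        if not authority:              # e.g. the special value "clear"
            continue
        host, _, port = authority.strip('"').rpartition(":")
        params = {}
        for f in fields[1:]:
            k, _, v = f.partition("=")
            params[k.strip().lower()] = v.strip().strip('"')
        services.append({
            "protocol": proto.strip(),
            "host": host or None,      # empty host: same host as the origin
            "port": int(port),
            "max_age": int(params.get("ma", 86400)),  # RFC 7838 default: 24 h
            "versions": [x for x in params.get("v", "").split(",") if x],
        })
    return services

def advertises_quic(headers):
    """True if either header from the post advertises QUIC."""
    alts = parse_alt_svc(headers.get("alt-svc", ""))
    legacy = headers.get("alternate-protocol", "").lower().endswith(":quic")
    return legacy or any(a["protocol"] == "quic" for a in alts)

if __name__ == "__main__":
    print(parse_alt_svc(SAMPLE_HEADERS["alt-svc"]))
```

A header that parses cleanly only shows that the server is advertising QUIC; whether Chrome actually switches to it is what the dev tools' security tab reports.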

I’m not running QUIC on it right now. :slight_smile: Sorry about that.

You’ll need to use the Chrome dev tool’s security tab to see the protocol being used (should say QUIC instead of TLS 1.2).

There must be something wrong with my work but I could not figure it out. Would you please take a look at what I have done and give me some advice :worried:

Here is my Caddyfile:

    localhost:443 {
        tls CertificateGenerator/out/leaf_cert.pem CertificateGenerator/out/leaf_cert.key
        root example
        log access.log
    }

and I run caddy this way

and when I run chrome (the latest version on OS X 10.12.3), it tells me it’s TLS 1.2

The response header seems to be right …

and here is the log file

I don’t think the problem is on chrome since quictransfer.com works well…

It works on my site now. To be honest I’m not really sure what fixed it. I sort of gave up on it, just decided to look into it later. A couple of days later I visited my website and noted it was running QUIC!

Maybe it’s as simple as restarting Caddy and Chrome? And did you enable the quic flag in chrome://flags?

I tried to restart caddy, chrome and even my computer. :disappointed_relieved:
Would you please take a look at my latest reply? Thx

Have you opened/forwarded port 443 UDP in your firewall/router?

Here is my caddyfile

    localhost:443 {
        tls CertificateGenerator/out/leaf_cert.pem CertificateGenerator/out/leaf_cert.key
        root example
        log access.log
    }

my server and client are both on my computer.
I don’t understand if it is concerned with firewall/router? Or could you offer more details on how to open/forward port 443 UDP? Does it mean I should modify my caddyfile or I should change settings on my OS X 10.12.3?

thx!!!

Hmmm, didn’t see you were testing your localhost. You are right that port forwarding isn’t necessary then. I’m a little bit out of options to be honest.

:joy:
Thanks anyway.
and I hope things would be fine…

when you browse gmail.com, does it run on QUIC or TLS 1.2 ?
On my computer, it runs on TLS 1.2. May it be an issue ?

and another question, according to your caddyfile

tls myemail@gmail.com

will Caddy automatically fetch CA for you or ? I don’t understand this … :disappointed_relieved:

Did you build Caddy yourself or did you download it from the releases? QUIC isn’t working with current builds of master with golang 1.8. I captured it in a ticket here: https://github.com/mholt/caddy/issues/1483

Builds of the v0.9.5 tag with golang 1.7 should work for you, or the binary from the download server if you don’t care about POSTs over QUIC.

Have you read GitHub - caddyserver/caddy: Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS?

Are you aware of this:

Next, your site must use a real, trusted certificate

Your certificate for localhost is probably not trusted.

I get a self-signed CA from https://github.com/GaetanoCarlucci/CertificateGenerator
for: localhost

and when quic is not forced on, it could be trusted running TLS 1.2.
So I am not sure whether it is the problem :confounded:

I run QUIC for some QUIC performances tests, I do not own a domain… help :sob:

Check out http://www.dot.tk/, I’ve used it a few times in the past.
