Hi, I'm trying to use a custom version of QUIC, forked by me from the original go-quic repo. I don’t know if this is possible. I am kinda new with Caddy. I am trying to set up a Caddy server in my WLAN where I can access my local server from the other device. I am having problems with the certificate and with the setup for the use of QUIC.
I started reading the docs and following other posts in the community about the use of http3 and others.
My question is about how to implement a Caddy server that uses QUIC/http3 and furthermore uses my custom version of the official QUIC repo.
Using Wireshark I saw that it isn't using QUIC but only TCP and TLS 1.3.
2. Error messages and/or full log output:
menny@menny ~/D/r/caddy (main)> sudo caddy run --config Caddyfile
2024/05/06 16:50:37.011 INFO using provided configuration {"config_file": "Caddyfile", "config_adapter": ""}
2024/05/06 16:50:37.018 INFO admin admin endpoint started {"address": "localhost:2019", "enforce_origin": false, "origins": ["//localhost:2019", "//[::1]:2019", "//127.0.0.1:2019"]}
2024/05/06 16:50:37.019 INFO tls.cache.maintenance started background certificate maintenance {"cache": "0xc0003bbb80"}
2024/05/06 16:50:37.022 WARN tls stapling OCSP {"error": "no OCSP stapling for [localhost]: no OCSP server specified in certificate"}
2024/05/06 16:50:37.022 INFO http.auto_https enabling automatic HTTP->HTTPS redirects {"server_name": "srv0"}
2024/05/06 16:50:37.023 INFO http enabling HTTP/3 listener {"addr": ":443"}
2024/05/06 16:50:37.023 INFO http.log server running {"name": "srv0", "protocols": ["h1", "h2", "h3"]}
2024/05/06 16:50:37.024 INFO http.log server running {"name": "remaining_auto_https_redirects", "protocols": ["h1", "h2", "h3"]}
2024/05/06 16:50:37.024 INFO autosaved config (load with --resume flag) {"file": "/root/.local/share/caddy/autosave.json"}
2024/05/06 16:50:37.024 INFO serving initial configuration
2024/05/06 16:50:37.028 WARN tls storage cleaning happened too recently; skipping for now {"storage": "FileStorage:/root/.local/share/caddy", "instance": "dd39ef14-e4fe-4e38-b3ef-cdaa34068d4f", "try_again": "2024/05/07 16:50:37.028", "try_again_in": 86399.999998518}
2024/05/06 16:50:37.028 INFO tls finished cleaning storage units
As I expect, the auto-generated certificate can be a problem. But idk any other method to establish an HTTP3/QUIC connection.
With the flag --insecure, with Wireshark I capture the correct QUIC handshake and packets.
So why do Firefox and other browsers send me to a TCP connection?
Maybe the certificate isn’t valid and the browser works as curl did without the flag --insecure.
Instead, do you have some advice for implementing my own version of QUIC?
Browsers almost always try TCP first and only try UDP if they see the Alt-Svc header signaling that the server supports HTTP/3. Browsers don’t reliably choose HTTP/3; if they deem HTTP/2 to be fast enough they’ll just use that. Especially if you’re on your LAN, it’s so fast that it doesn’t need to.
There might be ways to configure the browser to force it to use HTTP/3, but this has nothing to do with Caddy; clearly HTTP/3 works, as you can see from using curl.
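To see what the Alt-Svc signal described in the reply above tells a client, here is an added example (not code from this thread, Caddy or quic-go) that parses an Alt-Svc header value per RFC 7838 and reports whether HTTP/3 is offered and on which UDP port. The function name `H3Alt` and the sample header values are assumptions constructed for illustration.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// H3Alt scans an Alt-Svc value (RFC 7838), e.g. `h3=":443"; ma=2592000`, and
// returns the UDP port and cache lifetime in seconds of the first "h3" entry.
// Splitting on "," and ";" assumes no quoted commas or semicolons.
func H3Alt(v string) (port, maxAge int, ok bool) {
	for _, entry := range strings.Split(v, ",") {
		params := strings.Split(entry, ";")
		proto, auth, found := strings.Cut(strings.TrimSpace(params[0]), "=")
		if !found || proto != "h3" {
			continue // "clear", malformed entries and other protocols
		}
		auth = strings.Trim(auth, `"`) // authority is [host]:port, host optional
		i := strings.LastIndex(auth, ":")
		p, err := strconv.Atoi(auth[i+1:])
		if err != nil || i < 0 || p < 1 || p > 65535 {
			continue
		}
		maxAge = 86400 // RFC 7838 default when "ma" is absent
		for _, kv := range params[1:] {
			k, val, _ := strings.Cut(strings.TrimSpace(kv), "=")
			if n, err := strconv.Atoi(val); k == "ma" && err == nil {
				maxAge = n
			}
		}
		return p, maxAge, true
	}
	return 0, 0, false
}

func main() {
	// Constructed sample values, not captured from the server in this thread.
	samples := []string{
		`h3=":443"; ma=2592000`,             // HTTP/3 offered on UDP 443
		`h2="alt.example:8443", h3=":8443"`, // h3 listed second, default ma
		`h2=":443"`,                         // no h3: client stays on TCP
		"clear",                             // server withdraws alternatives
	}
	for _, v := range samples {
		port, ma, ok := H3Alt(v)
		fmt.Printf("%-38q h3=%-5v port=%-5d ma=%d\n", v, ok, port, ma)
	}
}
```

A client that never receives an `h3` entry over its first TCP connection has no reason to send QUIC packets, which matches the TCP-only capture described earlier in the thread.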
There is an HTTPS DNS record that can be used to tell browsers that this domain has HTTPS support as well as the supported protocol versions via alpn="h3,h2,http/1.1". This can be improved with ipv4hint="1.2.3.4" ipv6hint="1234:4567::1".