Mercurial > hg > nginx-quic
comparison README @ 9070:8347620e0e76 quic
README: revised TLSv1.3 requirement for QUIC.
TLSv1.3 is enabled by default since d1cf09451ae8.
| author | Roman Arutyunyan <arut@nginx.com> |
|---|---|
| date | Tue, 11 Apr 2023 18:29:20 +0400 |
| parents | c851a2ed5ce8 |
| children | b9230e37b8a1 |
comparison
equal
deleted
inserted
replaced
| 9069:9ea62b6250f2 | 9070:8347620e0e76 |
|---|---|
| 117 | 117 |
| 118 To enable 0-RTT: | 118 To enable 0-RTT: |
| 119 | 119 |
| 120 ssl_early_data on; | 120 ssl_early_data on; |
| 121 | 121 |
| 122 Make sure that TLS 1.3 is configured which is required for QUIC: | |
| 123 | |
| 124 ssl_protocols TLSv1.3; | |
| 125 | |
| 126 To enable GSO (Generic Segmentation Offloading): | 122 To enable GSO (Generic Segmentation Offloading): |
| 127 | 123 |
| 128 quic_gso on; | 124 quic_gso on; |
| 129 | 125 |
| 130 To limit maximum UDP payload size on receive path: | 126 To limit maximum UDP payload size on receive path: |
| 133 | 129 |
| 134 To set host key for various tokens: | 130 To set host key for various tokens: |
| 135 | 131 |
| 136 quic_host_key <filename>; | 132 quic_host_key <filename>; |
| 137 | 133 |
| 134 QUIC requires TLSv1.3 protocol, which is enabled by the default | |
| 135 by "ssl_protocols" directive. | |
| 138 | 136 |
| 139 By default, GSO Linux-specific optimization [10] is disabled. | 137 By default, GSO Linux-specific optimization [10] is disabled. |
| 140 Enable it in case a corresponding network interface is configured to | 138 Enable it in case a corresponding network interface is configured to |
| 141 support GSO. | 139 support GSO. |
| 142 | 140 |
| 173 listen 8443 quic reuseport; | 171 listen 8443 quic reuseport; |
| 174 listen 8443 ssl; | 172 listen 8443 ssl; |
| 175 | 173 |
| 176 ssl_certificate certs/example.com.crt; | 174 ssl_certificate certs/example.com.crt; |
| 177 ssl_certificate_key certs/example.com.key; | 175 ssl_certificate_key certs/example.com.key; |
| 178 ssl_protocols TLSv1.3; | |
| 179 | 176 |
| 180 location / { | 177 location / { |
| 181 # required for browsers to direct them into quic port | 178 # required for browsers to direct them into quic port |
| 182 add_header Alt-Svc 'h3=":8443"; ma=86400'; | 179 add_header Alt-Svc 'h3=":8443"; ma=86400'; |
| 183 } | 180 } |