With the release of Windows Server 2022, there is now native support for hosting HTTP/3 services in IIS 10.0. Jeej! In short, here are the few steps you need to perform to enable HTTP/3 in Windows Server 2022. I can't provide you with full details and how-to's, as I don't know your network.
Enable HTTP/3 in Windows Server 2022 IIS 10.0, in a nutshell:
- Add registry values to EnableHttp3 and EnableAltSvc:
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HTTP\Parameters" /v EnableHttp3 /t REG_DWORD /d 1 /freg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HTTP\Parameters" /v EnableAltSvc /t REG_DWORD /d 1 /f
- Verify QUIC traffic (443/UDP) is allowed on your server and in your network:
(Get-NetFirewallRule) | ?{ $_.DisplayName -eq "World Wide Web Services (QUIC Traffic-In)" }
- If
Get-NetFirwallRuleprovides no results, open up your firewall to allow QUIC traffic for Internet Information Services (IIS) [UDP 443]:New-NetFirewallRule -DisplayName "Allow QUIC" -Direction Inbound -Protocol UDP -LocalPort 443 -Action Allow -LocalOnlyMapping $true
These steps worked in my environment with Windows Server 2022 build 10.0.20348. But only on a freshly installed server, not in an in-place upgraded server from pre GA to this GA build. Further, a lot depends on your network: do you allow QUIC traffic traffic through your firewall? There are some different circumstances and results mentioned in the linked blog post below.
TLS 1.3 cipher suite TLS_CHACHA20_POLY1305_SHA256 doesn't seem to be required for having HTTP/3 - QUIC support. If necessary, enable TLS 1.3 cipher suite TLS_CHACHA20_POLY1305_SHA256:
Enable-TlsCipherSuite -Name TLS_CHACHA20_POLY1305_SHA256 -Position 0And verify it's enabled: (Get-TlsCipherSuite).Name | Select-String CHACHA
You may find more information about enabling HTTP/3 in Windows Server 2022 IIS in Tommy Jensen's post Enabling HTTP/3 support on Windows Server 2022.
QUIC - HTTP/3 - performance counters
In your monitoring tool, you can get metrics from the \QUIC Performance Diagnostics\* performance counters, for example for in your Zabbix monitoring and templates.
Neat! :)
Thank you very much! <3 ❤️
Hi, my name is Jan. I am not a hacker, coder, developer or guru. I am merely an application manager / systems administrator, doing my daily thing at Embrace – The Human Cloud. In the past I worked at CLDIN (CLouDINfra) and Vevida. With over 20 years of experience, my specialties include Windows Server, IIS, Linux (CentOS, Debian), security, PHP, websites & optimization. I blog at https://www.saotn.org.
