Running this command from an elevated prompt will create the key:
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HTTP\Parameters" /v EnableHttp3 /t REG_DWORD /d 1 /f
|
Then restart the http.sys service or reboot Windows to apply the setting.
It is likely the web service will need to advertise it is available over HTTP/3 as well using “Alt-Svc” headers in HTTP/2 responses (though this can also be done using HTTP/2 ALTSVC frames). This allows clients who connect over HTTP/2 to learn the service’s HTTP/3 endpoint and use that going forward. This is done by sending an HTTP/3 ALPN (“Application-layer Protocol Negotiation”) identifier with HTTP/2 responses advertising a specific version of HTTP/3 to use for future requests. Sending the ALTSVC frame can be done by http.sys. That can be enabled by setting the “EnableAltSvc” registry key with the command below.
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HTTP\Parameters" /v EnableAltSvc /t REG_DWORD /d 1 /f |
After that run the following in PowerShell:
Enable-TlsCipherSuite -Name TLS_CHACHA20_POLY1305_SHA256 -Position 0 |
Under the HTTP Response Headers, add a custom HTTP response header with the following information:
Name: alt-svc
Value: h3=":443"; ma=86400; persist=1
After adding the response header, enabling the cipher suites and merging the registry keys, reboot your Windows Server 2022 server.
No comments:
Post a Comment