How Do You Enable HTTP/3 on IIS?
The new HTTP/3 protocol is supposed to be faster and more secure than HTTP/2. How do I enable it on Windows Server running IIS websites?
As of this writing, HTTP/3 is only supported on Windows Server 2022. If you are on any previous version, I'm afraid you are out of luck.
Assuming you are on Windows Server 2022, here is how you enable it.
Step 1: Update the Windows Registry
Copy and paste the following text into a new .reg file. You can call it something like "enable-http-3.reg"
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Server]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters]
"EnableHttp3"=dword:00000001
"EnableAltSvc"=dword:00000001
Once saved, execute it on your Windows Server 2022 by double-clicking it, or by using reg.exe.
Step 2: Enable TLS Cipher
Note: Based on feedback from other users, this step may be optional. However, I needed to enable it on my installation.
Open PowerShell as Administrator to enable the TLS_CHACHA20_POLY1305_SHA256 cipher suite. Execute the following command in PowerShell:
Enable-TlsCipherSuite -Name TLS_CHACHA20_POLY1305_SHA256 -Position 0
Step 3: Allow UDP Connections on Port 443
HTTP/3 uses QUIC protocol which uses incoming UDP connections on port 443. You'll need to allow connections if you're using a firewall. Here is how the rule might look in Windows Firewall:
Step 4: Add HTTP/3 Response Headers to IIS
HTTP/3 requires some special response headers within IIS. Select either the website, or the machine within IIS and select "HTTP Response Headers."
Create a new response header with the name alt-svc and the value h3=":443"; ma=86400; persist=1.
That's it! Now test to make sure HTTP/3 is working in your browser. Many modern browsers li support HTTP/3 so you shouldn't need any configuration changes. However, one thing to note is that HTTP/3 only works on HTTPS connections, so if you're loading a website using HTTP, it will not work. Make sure to configure websites in IIS to use HTTPS protocol.
You will know when HTTP/3 is working via the browser's dev tools. Open developer tools, click on the network tab and note the protocol column. Chrome 108.0.5359.94 screenshot:
Firefox 107.0.1 screenshot:
Troubleshooting Tips
- Reboot Windows 2022 server
- Make sure the website is loaded via HTTPS! Do you see the lock icon in the browser?
- Completely close the browser (all tabs) and restart it before loading the website
- Disable the browser cache via browser developer tools when testing
- Completely clear the browser cache and reboot the client machine(s).
More resources and references:
- https://4sysops.com/archives/increase-iis-performance-with-http3-in-windows-server-2022/
- https://blog.workinghardinit.work/2021/10/11/iis-and-http-3-quic-tls-1-3-in-windows-server-2022/
- https://techcommunity.microsoft.com/t5/networking-blog/enabling-http-3-support-on-windows-server-2022/ba-p/2676880
- NSX Load Balancer not working with IIS Host header Binding
- Simple site in IIS 10 Getting 503 service unavailable when Identity set to a service account
- Why does my ASP.NET Core 5 Razor Page return a 404 on IIS, but not in Visual Studio?
- IIS 7.5 only shows directory list or 403 instead of ASP.NET Application
- how to use httpPlatformHandler with Tomcat on Virtual Directory only
- Login loop on ASP.NET application
- Publish to IIS, setting Environment Variable
- HTTP Error 500.19 - Internal Server Error (0x8007000d)
- ASP.NET: HTTP Error 500.19 – Internal Server Error 0x8007000d
- Printing on users default printer from .net application on server
- PHP response triggers HEX view in Edge debugger
- Fix Razor web pages with a friendly URL returning a 404 error
- ASP.NET Core 404 Error on IIS 10
- My asp.net core app doesn't find favicon.ico when it's deployed to IIS
- IIS 6.1 - Always running web site with Hangfire for background jobs
- login/logout issue for multiple IIS applications under the same site
- Deploying NodeJS application in IIS server
- What are the technical differences between Cassini and IIS for a development environment?
- Deploy Angular 17 with SSR on IIS Server
- PowerShell script to monitor IIS logs for 500 errors every 10 minutes
- How to prevent download of files to unauthenticated users
- How to debug this issue with MapRequestHandler, ASP.NET and the cookieless config
- Regular Expression "^$" For URL Rewrite in IIS
- Running Quarkus Native Image API with IIS as a Reverse Proxy alongside ASP.NET Core
- How to run vuejs files on IIS
- System.Net.Mail.SmtpFailedRecipientException: Mailbox unavailable.
- With IIS 10 on Windows Server 2022, MIME type is NOT being inherited
- Changing IIS 6/7 Application Pool settings programmatically
- IIS not able to locate the web.config
- arr url rewrite not working for external sites