Windows Server 2022 was released in 2021 which introduced native support for HTTP/3. HTTP/3 is an improvement on HTTP2 that makes websites on Internet Information Services (IIS) load faster with more security.
That said, HTTP/3 still needs to be enabled on Server 2022. In this article, we show you how to enable HTTP/3 and configure all relevant settings.
Table of Contents
What is HTTP/3
The “3” in HTTP/3 denotes the third major iteration of the Hypertext Transfer Protocol. This protocol is the backbone of the entire internet services that you use today since much of the communication between the servers is carried out using this protocol.
HTTP/3 is a new standard in development that will affect how web browsers and servers communicate. It was released in June 2022, after its last major iteration in 2015.
When the first internet protocols were created, devices were less portable and did not swap networks frequently. The fact that HTTP/3 utilizes the new transport protocol Quick UDP Internet Connection (QUIC) is a significant benefit for these mobile devices.
QUIC is intended for internet users that are heavily reliant on mobile devices, such as smartphones. This protocol significantly reduces the delay caused by the transfer of the internet connection between wi-fi and cellular data.
It also has other benefits, like zero round-trip time (0-RTT), where time is not wasted to re-establish a connection through a handshake when a client device has already connected to a server. Additionally, HTTP/3 also has more comprehensive encryption, making it the most secure HTTP iteration yet.
With the benefits of HTTP/3 known, let us show you how to enable it on Windows Server 2022.
Note: It is assumed that you have already enabled IIS and installed IIS Manager on your server.
Enable HTTP/3 for IIS on Server 2022
Enabling HTTP/3 for ISS on Windows Server 2022 is a 3-part method. Here are the 3 things that need to be done:
- Enable TLS 1.3
- Add TLS_CHACHA20_POLY1305_SHA256 cipher suite for TLS connections
- Add an HTTP/3 response code to the HTTP header of your IIS website
We have divided these steps into different sections into the following sections. Continue to perform the following methods in the given order to enable HTTP/3 for IIS.
Enable TLS 1.3 and HTTP/3
To enable TLS 1.3 and HTTP/3 on Server 2022, you must make changes to the Registry. We have simplified the process for you by providing a .REG file that you can download and execute on your Server 2022 machine.
Note: Misconfiguration of critical values in the system’s registry could be fatal for your operating system. Therefore, we insist that you create a system restore point before proceeding forward with the process.
You can also use our top selection of disk imaging and backup software so you never lose your data or operating system again.
Add Registry keys for TLS 1.3 and HTTP3 (1,024 bytes, 232 hits)
Click on the given link to download the compressed file. Extract its contents and then run the Registry file to enable TLS 1.3 and HTTP/3. Continue through with any confirmations and prompts that you may receive.
Add the Cipher
Next, you must enable the “TLS_CHACHA20_POLY1305_SHA256” cipher suite on the server. This can be done by running a simple cmdlet in PowerShell.
Run the following cmdlet in an elevated PowerShell instance:
Enable-TlsCipherSuite -Name TLS_CHACHA20_POLY1305_SHA256 -Position 0
Add HTTP/3 Response Code to HTTP Header
Now, we must add the HTTP/3 response code to the HTTP header for your website created in IIS on your server. Here is a step-by-step guide on how to do it successfully:
-
Open the IIS Management console.
-
Navigate to your website from the left pane.
Open site in IIS Manager -
Click “Bindings” in the right pane, under the “Edit site” section.
Open site bindings -
Click Add.
Add binding -
Select Type “https” and ensure that the port is “443.”
Configure HTTPS binding -
Assign a self-signed certificate and click Ok.
Assign certificate You can create a self-signed certificate by going to IIS Manager >> Server (left pane) >> Server Certificates >> Create Self-Signed Certificate (right pane).
-
Remove the default binding entries.
Remove other binding entries -
Now open “HTTP Response Headers.”
Open HTTP Response Headers -
Click Add.
Add a response header -
Enter the following details as name and value and click Ok:
- Name: alt-svc
- Value: h3=”:443″; ma=86400; persist=1
Add HTTP response header -
Now restart the server for the changes to take effect.
You have now successfully configured HTTP/3 for IIS on Server 2022. However, there are still a few confirmations to make before proceeding.
Make sure that QUIC traffic (Port 443) is allowed through the firewall. Run the following cmdlet in PowerShell. If the status returns as “True,” it means that it has been allowed. If not, then you must either allow the port through the firewall or disable it completely.
Get-NetFirewallRule | ?{ $_.DisplayName -eq "World Wide Web Services (QUIC Traffic-In)" }|select name,enabled, status
Check HTTP/3 Responses
Now that you have successfully configured HTTP/3 for IIS, you must confirm if it is working or not. Perform the following steps to verify that HTTP/3 has been enabled successfully:
-
Open your local website in any web browser.
If you are running a dummy website, then you must enter “https://localhost:443” in the browser’s address bar.
Access the local website -
Press CTRL+ Shift + I to enter Inspect Mode.
-
Switch to the “Network” tab.
Open the Network tab in Inspect Mode -
Press CTRL + R to refresh the data, and then add the Protocol column.
Refresh -
The Protocol column should list “h3,” signifying the use of HTTP/3 protocol.
Conclusion
Running the HTTP/3 protocol instead of HTTP/2 or older will make the end user’s browsing experience much faster, especially if they are always on the go and switch between mobile data and wi-fi.
Additionally, you will have more complex encryption, which means more security for your website.
Let us know your experience with HTTP/3 in the comments below.
