Get all of the deps from brew:
brew update
brew upgrade
brew install hg git go cmake ninja
from https://boringssl.googlesource.com/boringssl/+/HEAD/BUILDING.md
git clone https://boringssl.googlesource.com/boringssl
cd boringssl
mkdir build
cd build
cmake -GNinja ..
ninja
cd ../..
from https://hg.nginx.org/nginx-quic/file/tip/README
hg clone -b quic https://hg.nginx.org/nginx-quic
cd nginx-quic
./auto/configure --with-debug --with-http_ssl_module --with-http_v3_module \
--with-cc-opt="-I../boringssl/include" \
--with-ld-opt="-L../boringssl/build/ssl \
-L../boringssl/build/crypto"
make
sudo make install
see https://blog.cloudflare.com/experiment-with-http-3-using-nginx-and-quiche/#running
sudo mkdir /usr/local/nginx/conf/ssl
sudo cp ~/Sites/syndi/test/certs/* /usr/local/nginx/conf/ssl
modify /usr/local/nginx/conf/nginx.conf
by adding this block in
https://www.nginx.com/blog/introducing-technology-preview-nginx-support-for-quic-http-3/#NGINX-QUIC+HTTP/3-Preview
be sure to update the ssl cert name to syndi.local.crt
, syndi.local.key
rather than example.com.crt
sudo /usr/local/nginx/sbin/nginx -s reload
This worked for me on firefox, but not in any other browser. I'm wondering if this has to do with self-signed certificate limitations that differ between browsers.
I'd like to set this up on a test machine complete with a legit certbot certificate to be sure.