Closed BobFang2023 closed 6 months ago
开启XQUIC
需要使用root用户 user root;
H3协议默认使用TLS 1.3,使用XQUIC证书指令,配置默认H3证书
参考: https://github.com/alibaba/tengine/blob/master/modules/ngx_http_xquic_module/README.md
可以打开debug级别日志,查看具体的报错信息。
开启XQUIC
- 需要使用root用户 user root;
- H3协议默认使用TLS 1.3,使用XQUIC证书指令,配置默认H3证书
参考: https://github.com/alibaba/tengine/blob/master/modules/ngx_http_xquic_module/README.md
可以打开debug级别日志,查看具体的报错信息。
你好,我是用root用户跑的,xquic_ssl_certificate和xquic_ssl_certificate_key也在https配置内有配置,debug模式开启了,没有多余其它的报错
user root root;
worker_processes auto;
pid /data/app/tengine/pid/nginx.pid;
events {
worker_connections 65536;
use epoll;
}
xquic_log "pipe:rollback /data/app/tengine/logs/tengine-xquic.log baknum=10 maxsize=1G interval=1d adjust=600" debug;
http {
##http3
xquic_ssl_certificate /data/app/tengine/ssl/域名.key;
xquic_ssl_certificate_key /data/app/tengine/ssl/域名.pem;
xquic_congestion_control bbr;
xquic_socket_rcvbuf 5242880;
xquic_socket_sndbuf 5242880;
xquic_anti_amplification_limit 5;
server {
listen 80 default_server reuseport backlog=4096;
listen 443 default_server reuseport backlog=4096 ssl http2;
listen 443 default_server reuseport backlog=4096 xquic;
server_name aa.域名;
add_header Alt-Svc 'h3=":443"; ma=2592000,h3-29=":443"; ma=2592000' always;
error_log /data/app/tengine/logs/error-xquic.log debug;
ssl_certificate /data/app/tengine/ssl/域名.pem;
ssl_certificate_key /data/app/tengine/ssl/域名.key;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
location / {
return 444 "quic";
}
}
}
在配置文件main段 设置 日志指令 error_log
看下具体的报错信息
error_log "pipe:rollback /data/app/tengine/logs/tengine-error.log baknum=10 maxsize=2G interval=1d adjust=600" debug; xquic_log "pipe:rollback /data/app/tengine/logs/tengine-xquic.log baknum=10 maxsize=1G interval=1d adjust=600" info;
在配置文件main段 设置 日志指令 error_log
看下具体的报错信息
error_log "pipe:rollback /data/app/tengine/logs/tengine-error.log baknum=10 maxsize=2G interval=1d adjust=600" debug; xquic_log "pipe:rollback /data/app/tengine/logs/tengine-xquic.log baknum=10 maxsize=1G interval=1d adjust=600" info;
多谢,通过开启error_log的debug模式找到原因了,是我证书配反了,已解决
Question
启动有报错提示,quic端口无法访问,提示超时,错误日志是debug: 2023/12/06 09:48:23 [notice] 37819#0: signal process started 2023/12/06 09:48:23 [emerg] 37827#0: |xquic|xqc_engine_create: fail| 2023/12/06 09:48:23 [emerg] 37828#0: |xquic|xqc_engine_create: fail| 2023/12/06 09:48:23 [emerg] 37827#0: |xquic|ngx_xquic_process_init|engine_init fail| 2023/12/06 09:48:23 [emerg] 37828#0: |xquic|ngx_xquic_process_init|engine_init fail| 2023/12/06 09:48:23 [alert] 37825#0: worker process 37828 exited with fatal code 2 and cannot be respawned 2023/12/06 09:48:23 [alert] 37825#0: worker process 37827 exited with fatal code 2 and cannot be respawned
tengine信息:
配置: