javaspringspring-bootreactor-netty

Spring boot 3.4 and http/3 (netty) controller

I am trying to repeat this guide

It's my customizer

@Component
class Http3NettyWebServerCustomizer implements WebServerFactoryCustomizer<NettyReactiveWebServerFactory> {

    @Override
    public void customize(NettyReactiveWebServerFactory factory) {
        factory.addServerCustomizers(server -> {
            SslBundle sslBundle = factory.getSslBundles().getBundle("http3");
            Http3SslContextSpec sslContextSpec =
                    Http3SslContextSpec.forServer(sslBundle.getManagers().getKeyManagerFactory(), sslBundle.getKey().getPassword());

            return server
                    // Configure HTTP/3 protocol
                    .protocol(HttpProtocol.HTTP3)
                    // Configure HTTP/3 SslContext
                    .secure(spec -> spec.sslContext(sslContextSpec))
                    .http3Settings(spec -> spec.idleTimeout(Duration.ofSeconds(5))
                            .maxData(10_000_000)
                            .maxStreamDataBidirectionalRemote(1_000_000)
                            .maxStreamsBidirectional(100));
        });
    }

}

It's my controller:

@RestController
public class HelloController {

    @GetMapping("/hello")
    String hello() {
        return "Hello HTTP/3!";
    }

}

It's my application properties:

spring.application.name=http3app
server.port=888
spring.ssl.bundle.jks.http3.key.alias=http3
spring.ssl.bundle.jks.http3.keystore.location=classpath:keystore.p12
spring.ssl.bundle.jks.http3.keystore.password=changeit
spring.ssl.bundle.jks.http3.keystore.type=PKCS12

For generate a keystore i used:

keytool -genkeypair -alias http3 -keyalg RSA -keysize 4096 \
  -validity 3650 -dname "CN=localhost" -keypass changeit -keystore keystore.p12 \
  -storeType PKCS12 -storepass changeit

when I try to open a page "localhost:888/hello" in the browser, i get an error: ERR_CONNECTION_REFUSED

browser: chrome v128

What am I doing wrong? Please, help

I think there is a problem with the certificate. If i switch to http 1, everything works. Can you tell me how to generate and put the certificate correctly?

Solution

  • later, I generated a keystore for the server and a truststore for the client. Add dependency netty-incubator-codec-native-quic for client. Configure http3client:

    SslBundle sslBundle = factory.getSslBundles().getBundle("http3");
        TrustManager[] trustManagers = sslBundle.getManagers().getTrustManagers();
        Http3SslContextSpec sslContextSpec = Http3SslContextSpec
                .forClient()
                .configure(s -> s.trustManager(trustManagers[0]));
        
        return HttpClient.create()
                // Configure HTTP/3 protocol
                .protocol(HttpProtocol.HTTP3)
                // Configure HTTP/3 settings
                .secure(spec -> spec.sslContext(sslContextSpec))
                .http3Settings(spec -> spec
                        .idleTimeout(Duration.ofSeconds(5))
                        .maxData(10_000_000)
                        .maxStreamDataBidirectionalLocal(1_000_000));

    And it works!