quic_host_key
The 'quic_host_key' directive specifies the key used for QUIC protocol connections in an NGINX server block.
Description
The 'quic_host_key' directive is used to specify a unique host key for each server block when enabling QUIC support in NGINX. This key is crucial for establishing secure connections over the QUIC protocol, which operates over UDP, making it different from traditional TCP protocols. The directive can be included in either the 'http' or 'server' context, allowing for configuration flexibility. By providing the key, NGINX activates QUIC handling for the designated server, enabling faster connection establishment and improved performance for users with compatible clients.
QUIC, being a transport layer network protocol, uses this key in conjunction with TLS (Transport Layer Security) to enhance security while maintaining speed. The directive accepts a single argument that represents the host key, which typically consists of a string or path to a cryptographic key file. It's important to ensure that the key chosen is kept secure and is only accessible to the NGINX process to prevent information leakage. This capability is essential for sites looking to take advantage of the performance benefits that QUIC can offer, particularly for latency-sensitive applications and rich content delivery.
Config Example
server {
listen 443 quic;
quic_host_key /etc/nginx/ssl/quic_host_key.pem;
# additional server configurations...
}Ensure the key file is accessible to the NGINX process for reading.
Incorrect key format can prevent QUIC from functioning properly, leading to connection failures.
The directive requires an appropriate SSL/TLS setup and should be accompanied by a valid certificate.