ASP.​NET Core in .NET 6 - HTTP/3 endpoint TLS configuration

This is the next part of the ASP.NET Core on .NET 6 series. In this post, I'd like to have a look into HTTP/3 endpoint TLS configuration.

In the preview 3, Microsoft started to add support for HTTP/3 which brings a lot of improvements to the web. HTTP3 brings a faster connection setup as well as improved performance on low-quality networks.

Microsoft now adds support for HTTP/3 as well as the support to configure TLS (https) for HTTP/3.

More about HTTP/3

HTTP/3 endpoint TLS configuration

Let's see how you can configure HTTP/3 in a small MVC app using the following commands:

dotnet new mvc -o Http3Tls -n Http3Tls
cd Http3Tls
code .

This commands create an MVC app, change into the project folder and open VSCode.

In the Program.cs we need to configure HTTP/3 as shown in Microsoft's blog post:

public class Program
    public static void Main(string[] args)

    public static IHostBuilder CreateHostBuilder(string[] args) =>
            .ConfigureWebHostDefaults(webBuilder =>
                    .ConfigureKestrel((context, options) =>
                        options.EnableAltSvc = true;
                        options.Listen(IPAddress.Any, 5001, listenOptions =>
							// Enables HTTP/3
                            listenOptions.Protocols = HttpProtocols.Http3;
                            // Adds a TLS certificate to the endpoint
                            listenOptions.UseHttps(httpsOptions =>
                                httpsOptions.ServerCertificate = LoadCertificate();

The flag EnableAltSvc sets a Alt-Svc header to the browsers to tell them, that there are alternative services to the existing HTTP/1 or HTTP/2. This is needed to tell the browsers, that the alternative services - HTTP/3 in this case - should be treated like the existing ones. This needs a https connection to be secure and trusted.

What's next?

In the next part In going to look into the support for .NET Hot Reload support in ASP.NET Core.