Why doesn't my .NET website support HTTP/3 in Chrome/Firefox? [closed]

I have a .NET website running on an internal IIS10/Windows Server 2022 machine. It has an internal SSL cert authorised by our domain. It works with HTTP/1.1 and HTTP/2.

It's configured to pass an alt-svc: h3=":443" header, and if I connect directly with curl --http3-only that works.

On the local machine I have Chrome and Firefox, and https://cloudflare-quic.com/ reports both as supporting HTTP/3 on my network.

Based on this we've eliminated the network as the cause - this is something to do with what .NET or IIS sends Chrome and what Chrome does or doesn't send back.

Just to be absolutely clear: network, firewall, connection, service issues have been eliminated, the problem I'm asking for help with is in the .NET code running the service or the JS code in the client application

Starting from an empty cache, Chrome makes the HTTP/2 request, gets the alt-svc header, and then completely ignores it.

• Chrome may need to refresh a few times before promoting to 3, tried that.
• Chrome appears to cache HTTP/3 failures for a long time, tried refresh, tried completely new server.
• There's a bug logged against Chrome that it fails with any Referrer-Policy set, and while we do have one https://cloudflare-quic.com/ has the exact same policy and it works.
• Chrome fails on other ports, but we're on 443

I'm not sure what's left to try? What's left that could be blocking HTTP/3?

What can be done in .NET to even debug or investigate why this isn't working? HTTP/1.1 and HTTP/2 are both configured and work. Is there a header I can set or a way to reject HTTP/2 connections once it is set?

Requests are mix of static and dynamic content, with the static content cached by a service worker and served offline. The service worker makes requests using the same fetch that the inline JS code does, but could that be the cause and if so how do I investigate and/or workaround that?