Apache httpd 2.4.49-1 with brotli compression library from Google, TLS 1.3 Final (RFC 8446), http2 (HTTP/2) support for Red Hat Enterprise Linux and CentOS added to repository. Mod_ssl 1.15.24 is built dynamically against OpenSSL 1.1.1l.
Links:
Please note that RedHat multiproxy patch cannot be applied to this version due to massive SSL rework and was removed.
Since 2.4.33 we added brotli compression library. Since 2.4.35 release we start building Apache httpd against OpenSSL 1.1.1*. Since 2.4.37 release TLS 1.3 final version (not to be confused with any draft versions) is supported and enabled by default. Since 2.4.43-4 release we built OpenSSL as a separate package that installs to the separate directory (/opt/codeit/openssl111) and does not affects system libraries. Please note that TLS 1.3 final version is supported in Chrome 70+ and Mozilla Firefox 63+. brotli support is already included in base RPM file. All you need is to add filters like
AddOutputFilterByType BROTLI_COMPRESS text/html text/plain text/xml text/css text/javascript application/javascript
Http2 Apache httpd module no longer supports prefork mpm from version 2.4.27. If you need http2 module, please disable prefork mpm and enable evemt mpm in /etc/httpd/conf.modules.d/00-mpm.conf. We already made this in 00-mpm.conf in our packages. If you are updating other vendor installation, please update this file. We already included a minimum required SELinux policy into the package. Feel free to use our CentOS/RHEL repository. Please also note that this package depends on apr-util 1.5.0+ and libnghttp, which you can found in EPEL repository. So, the easiest way to use our builds of Apache HTTPd is to add EPEL repository, if you still do not have it: yum install -y epel-release
Hi
We have had problems on all of our servers updatering to httpd 2.4.49.
Unfortunately Apache could no longer connect to PHP-FPM .sock
We reverted the update and are now up again.
What have happend?
Thank you.
We found the problem:
mod_proxy has been optimized in the new version, and apparently we have always been using
SetHandler proxy:unix:///var/www/…
but must new be the correct
SetHandler proxy:unix:/var/www/…
From HTTPD error.log after update to 2.4.49:
[Sat Sep 18 08:21:41.258908 2021] [proxy:error] [pid ***:tid ***] [client ***:***] AH10292: Invalid proxy UDS filename (proxy:unix:///var/www/***domain***/php-fpm.sock|fcgi://127.0.0.1:9000/var/www/***/www/…/index.php)
So just forget this – not your falt.
We appreciate your work!
Hello
We also had a problem with apache after the update. Specifically this error:
Sep 18 09:31:13 systemd[1]: Starting The Apache HTTP Server…
Sep 18 09:31:13 httpd[22349]: httpd: Syntax error on line 56 of /etc/httpd/conf/httpd.conf: Syntax error on line 1 of /etc/httpd/conf.modules.d/10-h2.conf: Cannot load modules/mod_http2.so into server: /etc…l: EVP_MD_CTX_new
Sep 18 09:31:14 systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
Sep 18 09:31:14 systemd[1]: Failed to start The Apache HTTP Server.
Sep 18 09:31:14 systemd[1]: Unit httpd.service entered failed state.
We have had to revert back to 2.4.48 which works fine
I also noticed that mod_http2.so last modified date was September 10 but all the other modules were September 17. Our openssl version is 1.0.2k and upgrading to 1.1.1l did not make a difference.
Hope this helps identify the problem.
We have this problem on one of our servers: the issue was in missing mod_ssl. Please be sure to install it and load before mod_http2 (as we do it by default: 00-ssl.conf loads mod_ssl, 10-h2.conf loads mod_http2)
Hi,
After updating to 2.4.49, Apache began to hang silently after a few hours with no meaningful records in the error log. Is it just me?
I think this is the problem: https://bz.apache.org/bugzilla/show_bug.cgi?id=65592
Apache has just released 2.4.50 if you could update your CentOS 7 repo. Thanks
Keep up the good work!
They just released version 2.4.51 to improve this fix.
Already building/testing.
Just a heads up – I’m having dependency issues with mod_http2 the 2.4.50 build on centos 7.9 but 2.4.49 works fine:
Cannot load modules/mod_http2.so into server: /etc/httpd/modules/mod_http2.so: undefined symbol: EVP_MD_CTX_new
Please check if you have mod_ssl loaded before mod_http2.
Sorry would help if I read the other comments. I ran into the same issue as everyone else.
Dear Friends
Thank you for your great work, everything works like a charm.
I have updated from Remi 7.4.24 to Remi PHP 8.0.11, but I have problem to use it with CodeIT 2.4.49. I have in my configuration /etc/httpd/conf.d/test-domain.conf below line:
…
Should I change it to: …
Thank you in advance for your help and support.
Sincerely
There is no code in my last post, so maybe without brackets:
mod_php7.c to mod_php.c in IfModule
Hello!
Just a note: mod_php is a deprecated way to use with apache httpd, php team recommends to use php-fpm for reliable connection.
Dear Alexander
Thank you for your fast reply.
…but if I would like to use the old way with mod_php, I should change mod_php7.c to just mod_php.c?
Sincerely
Hello,
I cannot consult you here unfortunately: we do not currently have mod_php 8.0 installations with our clients.
Please ask the community.