Apache httpd 2.4.50 with brotli support, TLS 1.3 final (RFC 8446) built against OpenSSL 1.1.1l with http2, mod_http2 1.15.24 and ALPN for Red Hat Enterprise Linux 7 and CentOS 7

Apache httpd 2.4.50-1 with brotli compression library from Google, TLS 1.3 Final (RFC 8446), http2 (HTTP/2) support for Red Hat Enterprise Linux and CentOS added to repository. Mod_ssl 1.15.24 is built dynamically against OpenSSL 1.1.1l. Links:

Apache
httpd 2.4.50-1 with brotli compression library from Google, TLS 1.3 Final (RFC 8446), http2 (HTTP/2) support for Red Hat Enterprise Linux and CentOS added to repository. Mod_ssl 1.15.24 is built dynamically against OpenSSL 1.1.1l. Links:

Since 2.4.33 we added brotli compression library. Since 2.4.35 release we start building
Apache
httpd against OpenSSL 1.1.1*. Since 2.4.37 release TLS 1.3 final version (not to be confused with any draft versions) is supported and enabled by default. Since 2.4.43-4 release we built OpenSSL as a separate package that installs to the separate directory (/opt/codeit/openssl111) and does not affects system libraries. Please note that TLS 1.3 final version is supported in Chrome 70+ and Mozilla Firefox 63+. brotli support is already included in base RPM file. All you need is to add filters like

AddOutputFilterByType BROTLI_COMPRESS text/html text/plain text/xml text/css text/javascript application/javascript

Http2
Apache
httpd module no longer supports prefork mpm from version 2.4.27. If you need http2 module, please disable prefork mpm and enable evemt mpm in /etc/httpd/conf.modules.d/00-mpm.conf. We already made this in 00-mpm.conf in our packages. If you are updating other vendor installation, please update this file. We already included a minimum required SELinux policy into the package. Feel free to use our CentOS/RHEL repository. Please also note that this package depends on apr-util 1.5.0+ and libnghttp, which you can found in EPEL repository. So, the easiest way to use our builds of
Apache
HTTPd is to add EPEL repository, if you still do not have it: yum install -y epel-release

One thought on “Apache httpd 2.4.50 with brotli support, TLS 1.3 final (RFC 8446) built against OpenSSL 1.1.1l with http2, mod_http2 1.15.24 and ALPN for Red Hat Enterprise Linux 7 and CentOS 7”

  1. I upgraded Apache from 2.4.6 to 2.4.51 (via codeIT).
    After checking phpinfo I still see openssl 1.0.2
    Please help me switch to openssl 1.1.1l
    My server: Centos 7.9 – Apache/2.4.51 (codeit) – PHP/7.4.25
    Server MPM: event

Leave a Reply

Your email address will not be published. Required fields are marked *