NGINX 1.23.0 mainline with Brotli, TLS 1.3, OpenSSL 1.1.1p, HTTP/2 for Red Hat Enterprise Linux, CentOS, Rocky, Oracle, Alma Linux EL7/EL8/EL9

NGINX 1.23.0 mainline added to EL7, EL8, EL9 repositories. brotli compression module from Google, http2, ngx cache purge и ngx http geoip2 modules added or built-in. OpenSSL built dynamically using OpenSSL+QUIC 1.1.1p.

TLS 1.3 final works with Google Chrome 70+ and Mozilla Firefox 63+.

RHEL 8-9 / Alma Linux 8-9 / Rocky Linux 8-9 / CentOS 8-9 / Other EL8/EL9 repos are modular now.  To install nginx mainline, you need to enable the appropriate stream:

dnf module enable -y nginx:codeit-mainline

We build OpenSSL+QUIC 1.1.1 separately since v1.21.6, installing it separately to /lib64 with .so.81.1.1 suffix to ensure it won’t interfere with your system libraries.

NGINX 1.21.6 mainline with brotli support, TLS 1.3 final (RFC 8446) built against OpenSSL 1.1.1m for Red Hat Enterprise Linux and CentOS

NGINX 1.21.6 mainline version with brotli compression library from Google, TLS 1.3 Final (RFC 8446), http2 (HTTP/2), ngx cache purge and ngx http geoip2 module support. SSL is built dynamically against OpenSSL 1.1.1m added to the CentOS/RHEL repository. Please note that TLS 1.3 final version is supported in Chrome 70+ and Mozilla Firefox 63+. To enable TLS 1.3, you must specify:

Since version 1.21.6, the build for EL8 is available.

ssl_protocols TLSv1.2 TLSv1.3;

Since 1.18.0 release for Centos 7 we build OpenSSL as a separate package that installs to the separate directory (/opt/codeit/openssl111) and does not affects system libraries.

NGINX 1.20.2 stable with brotli support, TLS 1.3 final (RFC 8446) built against OpenSSL 1.1.1k for Red Hat Enterprise Linux and CentOS

NGINX 1.20.2 stable version with brotli compression library from Google, TLS 1.3 Final (RFC 8446), http2 (HTTP/2), ngx cache purge and ngx http geoip2 module support added to CentOS/RHEL repository. SSL is built dynamically against OpenSSL 1.1.1k. Please note that TLS 1.3 final version is supported in Chrome 70+ and Mozilla Firefox 63+. To enable TLS 1.3, you must specify:

ssl_protocols TLSv1.2 TLSv1.3;

Since 1.18.0 release for Centos 7 we build OpenSSL as a separate package that installs to the separate directory (/opt/codeit/openssl111) and does not affects system libraries.

NGINX 1.21.3 mainline with brotli support, TLS 1.3 final (RFC 8446) built against OpenSSL 1.1.1k for Red Hat Enterprise Linux and CentOS

NGINX 1.21.3 mainline version with brotli compression library from Google, TLS 1.3 Final (RFC 8446), http2 (HTTP/2), ngx cache purge and ngx http geoip2 module support. SSL is built dynamically against OpenSSL 1.1.1k added to the CentOS/RHEL repository. Please note that TLS 1.3 final version is supported in Chrome 70+ and Mozilla Firefox 63+. To enable TLS 1.3, you must specify:

ssl_protocols TLSv1.2 TLSv1.3;

Since 1.18.0 release for Centos 7 we build OpenSSL as a separate package that installs to the separate directory (/opt/codeit/openssl111) and does not affects system libraries.

NGINX 1.21.1 mainline with brotli support, TLS 1.3 final (RFC 8446) built against OpenSSL 1.1.1k for Red Hat Enterprise Linux and CentOS

NGINX 1.21.1 mainline version with brotli compression library from Google, TLS 1.3 Final (RFC 8446), http2 (HTTP/2), ngx cache purge and ngx http geoip2 module support. SSL is built dynamically against OpenSSL 1.1.1k added to the CentOS/RHEL repository. Please note that TLS 1.3 final version is supported in Chrome 70+ and Mozilla Firefox 63+. To enable TLS 1.3, you must specify:

ssl_protocols TLSv1.2 TLSv1.3;

Since 1.18.0 release for Centos 7 we build OpenSSL as a separate package that installs to the separate directory (/opt/codeit/openssl111) and does not affects system libraries.

NGINX 1.21.0 mainline with brotli support, TLS 1.3 final (RFC 8446) built against OpenSSL 1.1.1k for Red Hat Enterprise Linux and CentOS

NGINX 1.21.0 mainline version with brotli compression library from Google, TLS 1.3 Final (RFC 8446), http2 (HTTP/2), ngx cache purge and ngx http geoip2 module support. SSL is built dynamically against OpenSSL 1.1.1k added to the CentOS/RHEL repository. Please note that TLS 1.3 final version is supported in Chrome 70+ and Mozilla Firefox 63+. To enable TLS 1.3, you must specify:

ssl_protocols TLSv1.2 TLSv1.3;

Since 1.18.0 release for Centos 7 we build OpenSSL as a separate package that installs to the separate directory (/opt/codeit/openssl111) and does not affects system libraries.

NGINX 1.20.1 stable with brotli support, TLS 1.3 final (RFC 8446) built against OpenSSL 1.1.1k for Red Hat Enterprise Linux and CentOS

NGINX 1.20.1 stable version with brotli compression library from Google, TLS 1.3 Final (RFC 8446), http2 (HTTP/2), ngx cache purge and ngx http geoip2 module support added to CentOS/RHEL repository. SSL is built dynamically against OpenSSL 1.1.1k. Please note that TLS 1.3 final version is supported in Chrome 70+ and Mozilla Firefox 63+. To enable TLS 1.3, you must specify:

ssl_protocols TLSv1.2 TLSv1.3;

Since 1.18.0 release for Centos 7 we build OpenSSL as a separate package that installs to the separate directory (/opt/codeit/openssl111) and does not affects system libraries.