Apache httpd 2.4.34, собранный с Brotli, OpenSSL 1.1.0i, ALPN и поддержкой http2 для Red Hat Enterprise Linux и CentOS

В репозиторий добавлен Apache httpd 2.4.34-2 с поддержкой сжатия brotli от Google, http2 для Red Hat Enterprise Linux и CentOS. Mod_ssl собран статически с OpenSSL 1.1.0i. Ссылки:

Заметим, что модуль Http2 Apache httpd с версии 2.4.27 не поддерживает prefork mpm. Если вам нужен модуль mod_http2, отключите prefork mpm, включите event mpm в /etc/httpd/conf.modules.d/00-mpm.conf

Это действите уже сделано в файле, который мы поставляем в пакете. Если вы обновляете вашу инсталляцию, обновите файл.

Для работы с SELinux установите следующий boolean:

setsebool -P httpd_execmem=1

Модуль brotli уже включён в базовый RPM. Всё, что нужно — настроить фильтр

AddOutputFilterByType BROTLI_COMPRESS text/html text/plain text/xml text/css text/javascript application/javascript

Apache httpd 2.4.34, собранный с Brotli, OpenSSL 1.1.0i, ALPN и поддержкой http2 для Red Hat Enterprise Linux и CentOS: 18 комментариев

        1. Thinking about it.
          Please note that TLS 1.3 release you mentioned is still not supported by browsers by default.
          Current Chrome 68 and Firefox 61 support TLS 1.3 draft 23 that is supported in 1.1.1-pre2 OpenSSL version.

          As soon as builds are very popular we are still waiting for OpenSSL 1.1.1 release and browsers support for TLS 1.3 final version (=draft 28).

  1. We are using this package on around 15 CentOS 7.5.1804 servers, and we are getting a random error. (because we all know how we all love random errors in this business)

    PHP Warning: hash_hmac(): Unknown hashing algorithm: sha1

    Our CMS rely heavily on hash (TYPO3) so the web is just dead.
    It can run flawlessly for days, then all of a sudden this error, and phpinfo shows the «Hashing Engines» as empty (usually shows all the available engines), then after a few minutes they all reappear and it all runs perfectly again.

    We really want to run this release (for the http2)
    Does anyone have any suggestions to what to try here? Apparently no one in the world (google) has knowingly had this issue.

    Any suggestions we can try is very much appreciated.

      1. Just wanted to let everyone know (that ends up here due to their google search on this issue). That setting up PHP-FPM seems to have fixed the issue for us (with the hash missing). Running on 2 weeks now without issues.

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *