В репозиторий добавлен Apache httpd 2.4.46-1 с поддержкой сжатия brotli от Google, mod_http2 1.15.14 для Red Hat Enterprise Linux и CentOS. Mod_ssl собран динамически с OpenSSL 1.1.1g. Ссылки:
Заметим, что httpd 2.4.46 поддерживает TLS 1.3 при сборке с OpenSSL 1.1.1. Все новые шифры включены и работают. C версии 2.4.43-4 мы собираем OpenSSL отдельно, он устанавливается в /opt/codeit/openssl111 и никак не затрагивает системные библиотеки.
TLS 1.3 final на сегодня работает в Google Chrome 70+ и Mozilla Firefox 63+.
Для работы с SELinux в rpm включена соответствующая минимальная политика.
Модуль brotli уже включён в базовый RPM. Всё, что нужно — настроить фильтр
AddOutputFilterByType BROTLI_COMPRESS text/html text/plain text/xml text/css text/javascript application/javascript
Hello.
I have been using httpd from CodeIT and it’s working well on all of my CentOS 7 machines but recently noticed that apachectl fullstatus option it’s not available anymore any suggestions why?
Thanks.
This is probably because of fresh changes in Fedora patches.
I will investigate and probably rollback to previous behavior.
Hi Alexander, some time ago you fixed the problem in this post (https://community.letsencrypt.org/t/the-apache-plugin-is-not-working/102520/24)… it is happening again after the httpd updated the version to httpd-2.4.43-5.codeit.el7.x86_64. Could you help us again?
The error is
[root@server ~]# certbot —apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Error in checking parameter list:
The apache plugin is not working; there may be problems with your existing configuration.
The error was: MisconfigurationError(‘Apache is unable to check whether or not the module is loaded because Apache is misconfigured.’,)
Thank you!
Carlos Daniluski
Hello Carlos,
Sorry for this regression.
Please upgrade to 2.4.43-6.
Hello, CentOS7 user here
Either the apache 2.4.43-6 or mod_ssl recent versions appear a little skewed, here’s the results I get on an attempted update.
The error with latest mod_ssl stating «»nothing provides /usr/bin/hostname needed by mod_ssl-1:2.4.43-6.codeit.el7.x86_64» I believe I have traced to wrong location, certainly on CentOS7 it appears to live at /bin/hostname. I’ve never had any symlinks between the two?
which hostname
/bin/hostname
Thanks for your work in providing later httpd and mod_ssl binaries to the CentOS community!
R
dnf update
Extra Packages for Enterprise Linux 7 — x86_64 0.0 B/s | 0 B 00:00
CentOS-7 — Updates 0.0 B/s | 0 B 00:00
CodeIT repo 0.0 B/s | 0 B 00:00
CentOS-7 — Base 0.0 B/s | 0 B 00:00
CentOS-7 — Plus 0.0 B/s | 0 B 00:00
CentOS-7 — Extras 0.0 B/s | 0 B 00:00
Dependencies resolved.
Problem 1: cannot install the best update candidate for package mod_ssl-1:2.4.43-2.codeit.el7.x86_64
— nothing provides /usr/bin/hostname needed by mod_ssl-1:2.4.43-6.codeit.el7.x86_64
Problem 2: problem with installed package mod_ssl-1:2.4.43-2.codeit.el7.x86_64
— package mod_ssl-1:2.4.43-2.codeit.el7.x86_64 requires httpd = 2.4.43-2.codeit.el7, but none of the providers can be installed
— cannot install both httpd-2.4.43-6.codeit.el7.x86_64 and httpd-2.4.43-2.codeit.el7.x86_64
— cannot install the best update candidate for package httpd-2.4.43-2.codeit.el7.x86_64
— nothing provides /usr/bin/hostname needed by mod_ssl-1:2.4.43-4.codeit.el7.x86_64
— nothing provides /usr/bin/hostname needed by mod_ssl-1:2.4.43-5.codeit.el7.x86_64
— nothing provides /usr/bin/hostname needed by mod_ssl-1:2.4.43-6.codeit.el7.x86_64
=====================================================================================================================================================
Package Arch Version Repository Size
=====================================================================================================================================================
Skipping packages with conflicts:
(add ‘—best —allowerasing’ to command line to force their upgrade):
httpd x86_64 2.4.43-6.codeit.el7 CodeIT 1.4 M
Skipping packages with broken dependencies:
mod_ssl x86_64 1:2.4.43-4.codeit.el7 CodeIT 121 k
mod_ssl x86_64 1:2.4.43-5.codeit.el7 CodeIT 121 k
mod_ssl x86_64 1:2.4.43-6.codeit.el7 CodeIT 121 k
Transaction Summary
=====================================================================================================================================================
Skip 4 Packages
Nothing to do.
Complete!
Hello Rob,
Please try to reinstall or update «hostname-3.13-3» or fix your yum/rpm databases.
I see that at least hostname-3.13-3.el7_7.1.x86_64 from the Updates CentOS 7 repo has /usr/bin/hostname.