Apache httpd 2.4.46-1, собранный с Brotli, TLS 1.3 final (RFC 8446), OpenSSL 1.1.1g, ALPN и поддержкой http2 для Red Hat Enterprise Linux и CentOS

В репозиторий добавлен Apache httpd 2.4.46-1 с поддержкой сжатия brotli от Google, mod_http2 1.15.14 для Red Hat Enterprise Linux и CentOS. Mod_ssl собран динамически с OpenSSL 1.1.1g. Ссылки:

Заметим, что httpd 2.4.46 поддерживает TLS 1.3 при сборке с OpenSSL 1.1.1. Все новые шифры включены и работают. C версии 2.4.43-4 мы собираем OpenSSL отдельно, он устанавливается в /opt/codeit/openssl111 и никак не затрагивает системные библиотеки.

TLS 1.3 final на сегодня работает в Google Chrome 70+ и Mozilla Firefox 63+.

Для работы с SELinux в rpm включена соответствующая минимальная политика.

Модуль brotli уже включён в базовый RPM. Всё, что нужно — настроить фильтр

AddOutputFilterByType BROTLI_COMPRESS text/html text/plain text/xml text/css text/javascript application/javascript

Apache httpd 2.4.46-1, собранный с Brotli, TLS 1.3 final (RFC 8446), OpenSSL 1.1.1g, ALPN и поддержкой http2 для Red Hat Enterprise Linux и CentOS: 6 комментариев

  1. Hello.
    I have been using httpd from CodeIT and it’s working well on all of my CentOS 7 machines but recently noticed that apachectl fullstatus option it’s not available anymore any suggestions why?
    Thanks.

      1. Hi Alexander, some time ago you fixed the problem in this post (https://community.letsencrypt.org/t/the-apache-plugin-is-not-working/102520/24)… it is happening again after the httpd updated the version to httpd-2.4.43-5.codeit.el7.x86_64. Could you help us again?

        The error is
        [root@server ~]# certbot —apache
        Saving debug log to /var/log/letsencrypt/letsencrypt.log
        Error in checking parameter list:
        The apache plugin is not working; there may be problems with your existing configuration.
        The error was: MisconfigurationError(‘Apache is unable to check whether or not the module is loaded because Apache is misconfigured.’,)

        Thank you!
        Carlos Daniluski

          1. Hello, CentOS7 user here
            Either the apache 2.4.43-6 or mod_ssl recent versions appear a little skewed, here’s the results I get on an attempted update.
            The error with latest mod_ssl stating «»nothing provides /usr/bin/hostname needed by mod_ssl-1:2.4.43-6.codeit.el7.x86_64» I believe I have traced to wrong location, certainly on CentOS7 it appears to live at /bin/hostname. I’ve never had any symlinks between the two?

            which hostname
            /bin/hostname

            Thanks for your work in providing later httpd and mod_ssl binaries to the CentOS community!

            R

            dnf update
            Extra Packages for Enterprise Linux 7 — x86_64 0.0 B/s | 0 B 00:00
            CentOS-7 — Updates 0.0 B/s | 0 B 00:00
            CodeIT repo 0.0 B/s | 0 B 00:00
            CentOS-7 — Base 0.0 B/s | 0 B 00:00
            CentOS-7 — Plus 0.0 B/s | 0 B 00:00
            CentOS-7 — Extras 0.0 B/s | 0 B 00:00
            Dependencies resolved.

            Problem 1: cannot install the best update candidate for package mod_ssl-1:2.4.43-2.codeit.el7.x86_64
            — nothing provides /usr/bin/hostname needed by mod_ssl-1:2.4.43-6.codeit.el7.x86_64
            Problem 2: problem with installed package mod_ssl-1:2.4.43-2.codeit.el7.x86_64
            — package mod_ssl-1:2.4.43-2.codeit.el7.x86_64 requires httpd = 2.4.43-2.codeit.el7, but none of the providers can be installed
            — cannot install both httpd-2.4.43-6.codeit.el7.x86_64 and httpd-2.4.43-2.codeit.el7.x86_64
            — cannot install the best update candidate for package httpd-2.4.43-2.codeit.el7.x86_64
            — nothing provides /usr/bin/hostname needed by mod_ssl-1:2.4.43-4.codeit.el7.x86_64
            — nothing provides /usr/bin/hostname needed by mod_ssl-1:2.4.43-5.codeit.el7.x86_64
            — nothing provides /usr/bin/hostname needed by mod_ssl-1:2.4.43-6.codeit.el7.x86_64
            =====================================================================================================================================================
            Package Arch Version Repository Size
            =====================================================================================================================================================
            Skipping packages with conflicts:
            (add ‘—best —allowerasing’ to command line to force their upgrade):
            httpd x86_64 2.4.43-6.codeit.el7 CodeIT 1.4 M
            Skipping packages with broken dependencies:
            mod_ssl x86_64 1:2.4.43-4.codeit.el7 CodeIT 121 k
            mod_ssl x86_64 1:2.4.43-5.codeit.el7 CodeIT 121 k
            mod_ssl x86_64 1:2.4.43-6.codeit.el7 CodeIT 121 k

            Transaction Summary
            =====================================================================================================================================================
            Skip 4 Packages

            Nothing to do.
            Complete!

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *