В репозиторий добавлен Apache httpd 2.4.49-1 с поддержкой сжатия brotli от Google, mod_http2 1.15.24 для Red Hat Enterprise Linux и CentOS. Mod_ssl собран динамически с OpenSSL 1.1.1l.
Ссылки:
В этой сборке отсутствует multiproxy patch от RedHat из-за переработки mod_ssl.
Заметим, что httpd 2.4.49 поддерживает TLS 1.3 при сборке с OpenSSL 1.1.1. Все новые шифры включены и работают.
C версии 2.4.43-4 мы собираем OpenSSL отдельно, он устанавливается в /opt/codeit/openssl111 и никак не затрагивает системные библиотеки.
TLS 1.3 final на сегодня работает в Google Chrome 70+ и Mozilla Firefox 63+.
Для работы с SELinux в rpm включена соответствующая минимальная политика.
Модуль brotli уже включён в базовый RPM. Всё, что нужно — настроить фильтр
AddOutputFilterByType BROTLI_COMPRESS text/html text/plain text/xml text/css text/javascript application/javascript
Hi
We have had problems on all of our servers updatering to httpd 2.4.49.
Unfortunately Apache could no longer connect to PHP-FPM .sock
We reverted the update and are now up again.
What have happend?
Thank you.
We found the problem:
mod_proxy has been optimized in the new version, and apparently we have always been using
SetHandler proxy:unix:///var/www/…
but must new be the correct
SetHandler proxy:unix:/var/www/…
From HTTPD error.log after update to 2.4.49:
[Sat Sep 18 08:21:41.258908 2021] [proxy:error] [pid ***:tid ***] [client ***:***] AH10292: Invalid proxy UDS filename (proxy:unix:///var/www/***domain***/php-fpm.sock|fcgi://127.0.0.1:9000/var/www/***/www/…/index.php)
So just forget this — not your falt.
We appreciate your work!
Hello
We also had a problem with apache after the update. Specifically this error:
Sep 18 09:31:13 systemd[1]: Starting The Apache HTTP Server…
Sep 18 09:31:13 httpd[22349]: httpd: Syntax error on line 56 of /etc/httpd/conf/httpd.conf: Syntax error on line 1 of /etc/httpd/conf.modules.d/10-h2.conf: Cannot load modules/mod_http2.so into server: /etc…l: EVP_MD_CTX_new
Sep 18 09:31:14 systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
Sep 18 09:31:14 systemd[1]: Failed to start The Apache HTTP Server.
Sep 18 09:31:14 systemd[1]: Unit httpd.service entered failed state.
We have had to revert back to 2.4.48 which works fine
I also noticed that mod_http2.so last modified date was September 10 but all the other modules were September 17. Our openssl version is 1.0.2k and upgrading to 1.1.1l did not make a difference.
Hope this helps identify the problem.
We have this problem on one of our servers: the issue was in missing mod_ssl. Please be sure to install it and load before mod_http2 (as we do it by default: 00-ssl.conf loads mod_ssl, 10-h2.conf loads mod_http2)
Hi,
After updating to 2.4.49, Apache began to hang silently after a few hours with no meaningful records in the error log. Is it just me?
I think this is the problem: https://bz.apache.org/bugzilla/show_bug.cgi?id=65592
Apache has just released 2.4.50 if you could update your CentOS 7 repo. Thanks
Keep up the good work!
They just released version 2.4.51 to improve this fix.
Already building/testing.
Just a heads up — I’m having dependency issues with mod_http2 the 2.4.50 build on centos 7.9 but 2.4.49 works fine:
Cannot load modules/mod_http2.so into server: /etc/httpd/modules/mod_http2.so: undefined symbol: EVP_MD_CTX_new
Please check if you have mod_ssl loaded before mod_http2.
Sorry would help if I read the other comments. I ran into the same issue as everyone else.
Dear Friends
Thank you for your great work, everything works like a charm.
I have updated from Remi 7.4.24 to Remi PHP 8.0.11, but I have problem to use it with CodeIT 2.4.49. I have in my configuration /etc/httpd/conf.d/test-domain.conf below line:
…
Should I change it to: …
Thank you in advance for your help and support.
Sincerely
There is no code in my last post, so maybe without brackets:
mod_php7.c to mod_php.c in IfModule
Hello!
Just a note: mod_php is a deprecated way to use with apache httpd, php team recommends to use php-fpm for reliable connection.
Dear Alexander
Thank you for your fast reply.
…but if I would like to use the old way with mod_php, I should change mod_php7.c to just mod_php.c?
Sincerely
Hello,
I cannot consult you here unfortunately: we do not currently have mod_php 8.0 installations with our clients.
Please ask the community.