NGINX 1.25.4 Mainline with Brotli, TLS 1.3, OpenSSL 3.0.13, HTTP/2 and HTTP/3 for Red Hat Enterprise Linux, CentOS, Rocky, Oracle, Alma Linux EL7/EL8/EL9

NGINX 1.25.4 mainline with HTTP/3 support added to EL7, EL8, EL9 repositories. brotli compression module from Google, http2, ngx cache purge and ngx http geoip2 modules added or built-in. OpenSSL built dynamically using OpenSSL+QUIC 3.0.12.

Major changes:

  • fixes for vulnerabilities in HTTP/3 (CVE-2024-24989, CVE-2024-24990)

RHEL 7 / CentOS 7:

yum upgrade -y codeit-repo-release
yum-config-manager --enable CodeIT-mainline --save
yum install nginx

RHEL 8-9 / Alma Linux 8-9 / Rocky Linux 8-9 / CentOS 8-9 / Other EL8/EL9 repos are modular now.
To install nginx with HTTP/3 support, you need to enable the appropriate stream:

dnf module reset -y nginx
dnf module enable -y nginx:codeit-mainline
dnf install nginx

We build OpenSSL+QUIC 3.0 separately since v1.21.6, installing it separately to /lib64 with .so.81.3 suffix to ensure it won’t interfere with your system libraries.

Exerimental HTTP/3 support added in NGINX 1.25.0 Mainline. We build it with the corresponding module (—with-http_v3_module).

NGINX 1.25.3 Mainline with Brotli, TLS 1.3, OpenSSL 3.0.12, HTTP/2 and HTTP/3 for Red Hat Enterprise Linux, CentOS, Rocky, Oracle, Alma Linux EL7/EL8/EL9

NGINX 1.25.3 mainline with HTTP/3 support added to EL7, EL8, EL9 repositories. brotli compression module from Google, http2, ngx cache purge and ngx http geoip2 modules added or built-in. OpenSSL built dynamically using OpenSSL+QUIC 3.0.12.

Major changes:

  • Changes and fixes in HTTP/2
  • Changes and fixes in HTTP/3

RHEL 7 / CentOS 7:

yum upgrade -y codeit-repo-release
yum-config-manager --disable CodeIT-quic --save
yum-config-manager --enable CodeIT-mainline --save

RHEL 8-9 / Alma Linux 8-9 / Rocky Linux 8-9 / CentOS 8-9 / Other EL8/EL9 repos are modular now.  To install nginx with HTTP/3 support, you need to enable the appropriate stream:

dnf module reset -y nginx
dnf module enable -y nginx:codeit-mainline

We build OpenSSL+QUIC 3.0 separately since v1.21.6, installing it separately to /lib64 with .so.81.3 suffix to ensure it won’t interfere with your system libraries.

Exerimental HTTP/3 support added in NGINX 1.25.0 Mainline. We build it with the corresponding module (—with-http_v3_module).

NGINX 1.25.2 Mainline with Brotli, TLS 1.3, OpenSSL 3.0.10, HTTP/2 and HTTP/3 for Red Hat Enterprise Linux, CentOS, Rocky, Oracle, Alma Linux EL7/EL8/EL9

NGINX 1.25.2 mainline with HTTP/3 support added to EL7, EL8, EL9 repositories. brotli compression module from Google, http2, ngx cache purge and ngx http geoip2 modules added or built-in. OpenSSL built dynamically using OpenSSL+QUIC 3.0.10.

Major changes:

  • Feature: the «http2» directive, which enables HTTP/2 on a per-server basis; the «http2» parameter of the «listen» directive is now deprecated.
  • Change: HTTP/2 server push support has been removed.
  • Change: the deprecated «ssl» directive is not supported anymore.
  • Bugfix: in HTTP/3 when using OpenSSL.

RHEL 7 / CentOS 7:

yum upgrade -y codeit-repo-release
yum-config-manager --disable CodeIT-quic --save
yum-config-manager --enable CodeIT-mainline --save

RHEL 8-9 / Alma Linux 8-9 / Rocky Linux 8-9 / CentOS 8-9 / Other EL8/EL9 repos are modular now.  To install nginx with HTTP/3 support, you need to enable the appropriate stream:

dnf module reset -y nginx
dnf module enable -y nginx:codeit-mainline

We build OpenSSL+QUIC 3.0 separately since v1.21.6, installing it separately to /lib64 with .so.81.3 suffix to ensure it won’t interfere with your system libraries.

Exerimental HTTP/3 support added in NGINX 1.25.0 Mainline. We build it with the corresponding module (—with-http_v3_module).

NGINX 1.25.1 Mainline with Brotli, TLS 1.3, OpenSSL 3.0.9, HTTP/2 and HTTP/3 for Red Hat Enterprise Linux, CentOS, Rocky, Oracle, Alma Linux EL7/EL8/EL9

NGINX 1.25.1 mainline with HTTP/3 support added to EL7, EL8, EL9 repositories. brotli compression module from Google, http2, ngx cache purge and ngx http geoip2 modules added or built-in. OpenSSL built dynamically using OpenSSL+QUIC 3.0.9.

Major changes:

  • Feature: the «http2» directive, which enables HTTP/2 on a per-server basis; the «http2» parameter of the «listen» directive is now deprecated.
  • Change: HTTP/2 server push support has been removed.
  • Change: the deprecated «ssl» directive is not supported anymore.
  • Bugfix: in HTTP/3 when using OpenSSL.

RHEL 7 / CentOS 7:

yum upgrade -y codeit-repo-release
yum-config-manager --disable CodeIT-quic --save
yum-config-manager --enable CodeIT-mainline --save

RHEL 8-9 / Alma Linux 8-9 / Rocky Linux 8-9 / CentOS 8-9 / Other EL8/EL9 repos are modular now.  To install nginx with HTTP/3 support, you need to enable the appropriate stream:

dnf module reset -y nginx
dnf module enable -y nginx:codeit-mainline

We build OpenSSL+QUIC 3.0 separately since v1.21.6, installing it separately to /lib64 with .so.81.3 suffix to ensure it won’t interfere with your system libraries.

Exerimental HTTP/3 support added in NGINX 1.25.0 Mainline. We build it with the corresponding module (—with-http_v3_module).

NGINX 1.25.0 QUIC/HTTP3 Notice

Please note that since NGINX 1.25.0 QUIC branches on Mercurial and GitHub are removed.

All the development moved to Mainline branch. Thus, the builds of Mainline version now have QUIC. QUIC Streams and repository will be moved to the archive repo, please switch to mainline:

RHEL 7 / CentOS 7:

yum upgrade -y codeit-repo-release
yum-config-manager --enable CodeIT-mainline --save

RHEL 8-9 / Alma Linux 8-9 / Rocky Linux 8-9 / CentOS 8-9 / Other EL8/EL9:

dnf module reset -y nginx
dnf module enable -y nginx:codeit-mainline

NGINX team also notified that TCP streams now do not have QUIC support, thus we build without --with-stream_quic_module option.

NGINX 1.25.0 Mainline, собранный с Brotli, TLS 1.3, OpenSSL 3.0.8, поддержкой http2, http3 (QUIC) для Red Hat Enterprise Linux, CentOS, Rocky, Oracle, Alma Linux EL7/EL8/EL9

В репозиторий добавлен NGINX 1.25.0 mainline с поддержкой HTTP/3, сжатия brotli от Google, http2, ngx cache purge и ngx http geoip2 module. OpenSSL собран динамически с OpenSSL+QUIC (QuicTLS) 3.0.8.

TLS 1.3 final на сегодня работает в Google Chrome 70+ и Mozilla Firefox 63+.

RHEL 7 / CentOS 7:

yum upgrade -y codeit-repo-release
yum-config-manager --disable CodeIT-quic --save
yum-config-manager --enable CodeIT-mainline --save

RHEL 8 / Alma Linux 8 / Rocky Linux 8 / CentOS 8 / Other EL8 репозиторий стал модульным. Для установки надо включить соответствующий стрим:

dnf module reset -y nginx
dnf module enable -y nginx:codeit-mainline

Для включения TLS 1.3 надо указать:

ssl_protocols TLSv1.2 TLSv1.3;

C версии 1.21.6 мы собираем OpenSSL+QUIC 3.0 отдельно, он устанавливается в /lib64 отдельно с суффиксом .so.81.3 и никак не затрагивает системные библиотеки.

С версии 1.25.0 в NGINX появилась экспериментальная поддержка HTTP/3, наши сборки выполняются с поддержкой этого экспериментального модуля (—with-http_v3_module).

NGINX 1.24.0 stable, собранный с Brotli, TLS 1.3, OpenSSL 3.0.8, поддержкой http2 для Red Hat Enterprise Linux, CentOS, Rocky, Oracle, Alma Linux EL7/EL8/EL9

NGINX 1.24.0 stable added to EL7, EL8, EL9 repositories. brotli compression module from Google, http2, ngx cache purge и ngx http geoip2 modules added or built-in. OpenSSL built dynamically using OpenSSL+QUIC 3.0.8.

TLS 1.3 final works with Google Chrome 70+ and Mozilla Firefox 63+.

RHEL 8-9 / Alma Linux 8-9 / Rocky Linux 8-9 / CentOS 8-9 / Other EL8/EL9 repos are modular now.  To install nginx mainline, you need to enable the appropriate stream:

dnf module enable -y nginx:codeit-stable

We build OpenSSL+QUIC 3 separately since v1.23.4, installing it separately to /lib64 with .so.81.3 suffix to ensure it won’t interfere with your system libraries.

NGINX 1.23.3 QUIC, собранный с Brotli, TLS 1.3, OpenSSL 1.1.1s, поддержкой http2 для Red Hat Enterprise Linux, CentOS, Rocky, Oracle, Alma Linux EL7/EL8/EL9

В репозиторий добавлен NGINX 1.23.3 mainline с поддержкой HTTP/3, сжатия brotli от Google, http2, ngx cache purge и ngx http geoip2 module. OpenSSL собран динамически с OpenSSL+QUIC 1.1.1s.

TLS 1.3 final на сегодня работает в Google Chrome 70+ и Mozilla Firefox 63+.

RHEL 7 / CentOS 7:

yum upgrade -y codeit-repo-release
yum-config-manager --enable CodeIT-quic --save

RHEL 8 / Alma Linux 8 / Rocky Linux 8 / CentOS 8 / Other EL8 репозиторий стал модульным. Для установки надо включить соответствующий стрим:

dnf module enable -y nginx:codeit-quic

Для включения TLS 1.3 надо указать:

ssl_protocols TLSv1.2 TLSv1.3;

C версии 1.21.6 мы собираем OpenSSL+QUIC 1.1.1 отдельно, он устанавливается в /lib64 отдельно с суффиксом .so.81.1.1 и никак не затрагивает системные библиотеки.

NGINX 1.23.3 mainline, собранный с Brotli, TLS 1.3, OpenSSL 1.1.1s, поддержкой http2 для Red Hat Enterprise Linux, CentOS, Rocky, Oracle, Alma Linux EL7/EL8/EL9

В репозиторий добавлен NGINX 1.23.3 mainline с поддержкой сжатия brotli от Google, http2, ngx cache purge и ngx http geoip2 module. OpenSSL собран динамически с OpenSSL+QUIC 1.1.1s.

TLS 1.3 final на сегодня работает в Google Chrome 70+ и Mozilla Firefox 63+.

RHEL 8 / Alma Linux 8 / Rocky Linux 8 / CentOS 8 / Other EL8 репозиторий стал модульным. Для установки надо включить соответствующий стрим:

dnf module enable -y nginx:codeit-mainline

Для включения TLS 1.3 надо указать:

ssl_protocols TLSv1.2 TLSv1.3;

C версии 1.21.6 мы собираем OpenSSL+QUIC 1.1.1 отдельно, он устанавливается в /lib64 отдельно с суффиксом .so.81.1.1 и никак не затрагивает системные библиотеки.

NGINX 1.22.1 stable, собранный с Brotli, TLS 1.3, OpenSSL 1.1.1r, поддержкой http2 для Red Hat Enterprise Linux, CentOS, Rocky, Oracle, Alma Linux EL7/EL8/EL9

В репозиторий добавлен NGINX 1.22.1 stable с поддержкой сжатия brotli от Google, http2, ngx cache purge и ngx http geoip2 module. OpenSSL собран динамически с OpenSSL+QUIC 1.1.1r.

TLS 1.3 final на сегодня работает в Google Chrome 70+ и Mozilla Firefox 63+.

RHEL 8 / Alma Linux 8 / Rocky Linux 8 / CentOS 8 / Other EL8 репозиторий стал модульным. Для установки надо включить соответствующий стрим:

dnf module enable -y nginx:codeit-mainline

Для включения TLS 1.3 надо указать:

ssl_protocols TLSv1.2 TLSv1.3;

C версии 1.21.6 мы собираем OpenSSL+QUIC 1.1.1 отдельно, он устанавливается в /lib64 отдельно с суффиксом .so.81.1.1 и никак не затрагивает системные библиотеки.