Apache httpd 2.4.34, собранный с Brotli, OpenSSL 1.1.0i, ALPN и поддержкой http2 для Red Hat Enterprise Linux и CentOS

В репозиторий добавлен Apache httpd 2.4.34-2 с поддержкой сжатия brotli от Google, http2 для Red Hat Enterprise Linux и CentOS. Mod_ssl собран статически с OpenSSL 1.1.0i. Ссылки:

Заметим, что модуль Http2 Apache httpd с версии 2.4.27 не поддерживает prefork mpm. Если вам нужен модуль mod_http2, отключите prefork mpm, включите event mpm в /etc/httpd/conf.modules.d/00-mpm.conf

Это действите уже сделано в файле, который мы поставляем в пакете. Если вы обновляете вашу инсталляцию, обновите файл.

Для работы с SELinux установите следующий boolean:

setsebool -P httpd_execmem=1

Модуль brotli уже включён в базовый RPM. Всё, что нужно — настроить фильтр

AddOutputFilterByType BROTLI_COMPRESS text/html text/plain text/xml text/css text/javascript application/javascript

18 thoughts on “Apache httpd 2.4.34, собранный с Brotli, OpenSSL 1.1.0i, ALPN и поддержкой http2 для Red Hat Enterprise Linux и CentOS”

        1. Thinking about it.
          Please note that TLS 1.3 release you mentioned is still not supported by browsers by default.
          Current Chrome 68 and Firefox 61 support TLS 1.3 draft 23 that is supported in 1.1.1-pre2 OpenSSL version.

          As soon as builds are very popular we are still waiting for OpenSSL 1.1.1 release and browsers support for TLS 1.3 final version (=draft 28).

          Reply

    1. Thank you for good news!
      I’ve been watching for their bugs list 🙂

      Mozilla Firefox currently supports TLS 1.3 release, but Chrome does not (only draft 23 is supported).
      I think we will build new versions against 1.1.1 release anyway.

      Reply

  3. We are using this package on around 15 CentOS 7.5.1804 servers, and we are getting a random error. (because we all know how we all love random errors in this business)

    PHP Warning: hash_hmac(): Unknown hashing algorithm: sha1

    Our CMS rely heavily on hash (TYPO3) so the web is just dead.
    It can run flawlessly for days, then all of a sudden this error, and phpinfo shows the “Hashing Engines” as empty (usually shows all the available engines), then after a few minutes they all reappear and it all runs perfectly again.

    We really want to run this release (for the http2)
    Does anyone have any suggestions to what to try here? Apparently no one in the world (google) has knowingly had this issue.

    Any suggestions we can try is very much appreciated.

    Reply

    1. Hi Palle,

      What is your PHP version?
      We observed similar behavior with PHP 7.0 with MySQL constant of PDO extension.

      Please also note that php-fpm (running php as separate server) is recommended way to be used with new Apache versions.

      Reply

      2. Just wanted to let everyone know (that ends up here due to their google search on this issue). That setting up PHP-FPM seems to have fixed the issue for us (with the hash missing). Running on 2 weeks now without issues.

        Reply

    1. Hi Jeffrey,

      It was not officially released yet and it had some errors with TLS 1.3 enabled.
      I think all of them are fixed now, as soon as 2.4.37 was officially released some minutes ago 🙂

      I will update production repo within next hour.

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *