HTTP/2 is finally officially adopted, and it brings significant improvements regarding server<-> client communication, making worth to try be amongst the first to have the service up.
This is a relatively new tecnology, and as far as I can tell at this moment Apache doesn’t support with binary packages, at least not for CentOS, so this is how I precompiled it to have it support h2.
This has been a rocky road (and still is), as things are not completely clear, but I’ll give you the short story as always, supposing that if you really wanted to know more, you’d just read the documentation and do it your way.
I did this both on Centos 6 and 7 and it works. First, you’ll need the development tools, so if you don’t have it, install it:
yum groupinstall "Development Tools" yum install pcre-devel python-devel lua-devel zlib-devel libxml2-devel
Now we can start to download, compile and install the dependencies. The time I am doing this, the links are as follows:
cd /usr/src wget http://www.apache.org/dist/apr/apr-1.7.0.tar.gz wget http://www.apache.org/dist/apr/apr-util-1.6.1.tar.gz git clone https://github.com/nghttp2/nghttp2 wget https://www.openssl.org/source/openssl-1.1.1l.tar.gz wget https://downloads.apache.org/httpd/httpd-2.4.51.tar.gz tar xvf apr-1.7.0.tar.gz cd /usr/src/apr-1.7.0 ./configure make make install cd /usr/src tar xvf openssl-1.1.1l.tar.gz cd /usr/src/openssl-1.1.1l ./config shared --prefix=/opt/openssl-1.1.1l --openssldir=/opt/openssl-1.1.1l make make install cd /usr/src tar xvf apr-util-1.6.1.tar.gz cd /usr/src/apr-util-1.6.1 ./configure --with-apr=/usr/local/apr/ --with-crypto --with-openssl=/opt/openssl-1.1.1l/ make make install cd /usr/src/nghttp2 git submodule update --init autoreconf -i automake autoconf ./configure make make install
Now we have all the dependencies we need, let’s get the Apache sources and compile. Before that let me give you a suggestion and do a ./configure –help to see if there are any more modules you need of that I have selected to compile, or just simply compile them all (the make process doesn’t last long).
(note: in some cases you might need to yum install zlib-devel libxml2-devel before moving on, in case the packages are not already present)
cd /usr/src tar xvf httpd-2.4.51.tar.gz cd /usr/src/httpd-2.4.51 make clean make distclean ./configure --enable-ssl --enable-so --enable-cache --enable-socache-memcache --enable-watchdog --enable-deflate --enable-proxy-html --enable-http --enable-http2 --enable-log-debug --enable-log-forensic --enable-mime-magic --enable-expires --enable-remoteip --enable-proxy --enable-proxy-fcgi --enable-dav-fs --enable-vhost-alias --with-nghttp2=/usr/local/lib --enable-log-config --with-ssl=/opt/openssl-1.1.1l/ --enable-file-cache --enable-cache-disk --enable-unique-id --enable-ident --enable-session-cookie --enable-session --enable-info --enable-rewrite --enable-slotmem-shm --enable-slotmem-plain --enable-lua --enable-luajit --enable-buffer --enable-cgid --enable-cgi make make install
This does the basic installation, and voila – you have a working http2 server.
You can start it with /usr/local/apache2/bin/apachectl start
I usually make a symlink to /bin so I don’t have to type the path every time.
You might also need the ngttp2 and openssl 1.0.2 libraries in apache’s lib directory, so if it throws you an error when you enable the mod_http2 module, create a symlink for them too:
mkdir /usr/local/apache2/lib ln -s /usr/local/ssl/lib/libcrypto.so.1.0.0 /usr/local/apache2/lib/ ln -s /usr/local/ssl/lib/libssl.so.1.0.0 /usr/local/apache2/lib/ ln -s /usr/local/lib/libnghttp2.so.14 /usr/local/apache2/lib/
Voila. This is very basic, but good for a start if you’re willing to go on from here.
You’ll still have to read about how to configure Apache to actually use http/2, and once more – things are still fuzzy with client side support (well, to be honest, in practice, even server side), and you might sumble a lot on it.
There are plugins for Chrome and Firefox that show you if you’re visiting a http/2 (apart from the subject, spdy too) capable page or not.
– revised the document, with corrected typos and adapted for Apache 2.4.18
– May 7th, 2016. adapted for Apache 2.4.20, OpenSSL v.1.02f and linked git repo for the nghttp2 project rather than a static link for newer versions, solved missing pcre-devel and python-devel dependencies for some scenarios, corrected typos and probably made new ones
– May 11th 2016. added a few more modules to the ./configure for better functionality
– July 13th 2016. updated package versions and teste
– July 21th 2016 updated to compile apr with crypto libs, so it’s possibble to compile mod_security now for this build, out of the box, also added zlib-devel and libxml2-devel packages as former missing dependencies
– March 3rd 2017 revised the whole document again and updated for the newset tehcnology, with Apache 2.4.25
– Jun 19th 2017 revised the whole document and update to the newest modules with Apache 2.4.26
– Sept 9th 2018 corrected minor typos and updated the arcticle for newsest module versions
– Nov 6th 2018 another update
– Oct 8th 2019 updated to the newest suites – apache v2.4.41 with apr v1.7, nghttpd v1.4
– Nov 25th 2021 updatet do the newest suites once more – apache v2.4.51 and nghttpd v1.47. Also MAJOR config update to support new openssl and TLSv1.3. Plans to do http3 support if possibble