The current environment Apache-2.4.46 + openssl-1.1.1g is enough;

It is recommended to add the following when compiling and installing related plug-ins:

     yum install -y gcc 

     yum install -y gcc-c++ 

1. Install apr: http://mirror.bit.edu.cn/apache//apr/apr-1.7.0.tar.gz, download and upload apr-1.7.0.tar.gz to the /usr/local directory:

     Unzip:tar -zvxf apr-1.7.0.tar.gz

Detection: cd apr-1.7.0

           ./configure --prefix=/usr/local/apr

Compile: make && make install

1. , Install apr-util: http://archive.apache.org/dist/apr/apr-util-1.5.4.tar.gz, download and upload to the /usr/local directory: (recommended to use apr-util- 1.5 version, 1.6 compatibility issues)

Decompression:tar -zvxf apr-util-1.5.4.tar.gz

Detection: cd apr-util-1.5.4

           ./configure  --prefix=/usr/local/apr-util --with-apr=/usr/local/apr

Compile: make && make install

If it appears when Ps:make#include <expat.h> ^ compilation terminated.Error, pleaseyum install -y expat-develInstall dependent libraries.

1. ,installationpcre：Commands can be executed when connected to the Internetyum install -y pcre-devel Or throughhttps://ftp.pcre.org/pub/pcre/pcre-8.43.tar.gzDownload and upload toUnder the /usr/local directory:

Decompression:tar -zvxf pcre-8.43.tar.gz

      Detection:cd pcre-8.43

            ./configure --prefix=/usr/local/pcre

      Compile:make && make install

After the above three files are compiled and installed, Apache and openssl can be officially compiled and installed. In this way, many problems that appear during the compilation process will be reduced and then searched everywhere...

     Formal process: first unzip openssl and apache and then continue...

      cd openssl-1.1.1g

      ./configure --prefix=/usr/local/openssl

      make && make install 

      cd  apache-2.4.46 

       ./configure --prefix=/usr/local/apache2446  --enable-so --enable-ssl --enable-cgi --enable-rewrite --enable-modules=most --enable-mpms-shared=all  --with-mpm=prefork  --with-zlib --with-apr=/usr/local/apr  --with-apr-util=/usr/local/apr-util  --with-ssl=/usr/local/openssl

       make && make install

——If there is no error in the above process, then the compilation and installation process of the entire environment is over, and the next step is to configure SSL

——Ps:The directories in the above steps are all the directories of the test environment. Please adjust the specific path according to your actual environment!

The environment is set up. Then it is necessary to test whether it can be started normally;

First cut to the bin directory of apapche2446, pass ./apachectl start Start; if correct, passingnetstat -tunlp | grep “80” Check if the port is listening, if it indicates that http port 80 is OK;

Next, configure the SSL certificate: you can use thebuy.wosign.com Make a

The approximate configuration is as follows, reference: also cut to the conf directory of apache2446

vi httpd.conf  Perform certificate configuration

Remember to turn on: LoadModule ssl_module modules/mod_ssl.so —— SSL module

Finally save and exit;

Then cut to the bin directory. by ./apachectl -t Check whether the current configuration is normal;

My return is the following error:

Cannot load modules/mod_ssl.so into server: libssl.so.1.1: cannot open shared object file: No such file or directory

Finally, the steps in this post have been resolved:

Then restart apache;

Same: Passnetstat -tunlp | grep “443” Check whether the port is listening, if it indicates that https 443 port is OK;

 

The latest versions of Firefox and Google already support the TLS1.3 protocol. And the openssl version can support the corresponding protocol as long as it is version 1.1.1 or higher

And encryption suite. In the apache configuration, the cipher suite ECDH has a matching cipher suite algorithm;

     

--- original, reproduced, please, thank you