DirectAdmin下apache启用HTTP2[ALPN]支持
http2是http1.1的升级版本,有效加快浏览速度
1核心组件
libressl编译安装,支持CHACHA20[推荐]
wget http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.4.5.tar.gz tar zxvf libressl-2.4.5.tar.gz cd libressl-2.4.5 ./configure --prefix=/usr/local/libressl --exec-prefix=/usr/local/libressl make && make install
OpenSSL编译安装[openssl1.1以上需要GCC4.8+]
wget ftp://ftp.openssl.org/source/openssl-1.0.2k.tar.gz tar xzf openssl-1.0.2k.tar.gz cd openssl-1.0.2k ./config --prefix=/usr/local/lib_http2 no-ssl2 no-ssl3 zlib-dynamic make && make install
nghttp2用DirectAdmin安装[推荐]
cd /usr/local/directadmin/custombuild ./build update ./build nghttp2
nghttp2编译安装[备用]
wget https://github.com/nghttp2/nghttp2/releases/download/v1.20.0/nghttp2-1.20.0.tar.gz tar xzf nghttp2-1.20.0.tar.gz cd nghttp2-1.20.0 ./configure --prefix=/usr/local/nghttp2 make && make install
2准备编译apache,启用自定义Apache编译规则
cd /usr/local/directadmin/custombuild mkdir -p custom/ap2 cp -p configure/ap2/configure.apache custom/ap2/configure.apache
修改修改 /usr/local/directadmin/custombuild/custom/ap2/configure.apache 文件
删除
在文件末尾最后一行上方添加(重要,注意编译顺序)
优先使用libressl
"--enable-http2" \ "--enable-ssl-staticlib-deps" \ "--with-ssl=/usr/local/libressl" \ "--with-crypto" \ "--enable-mpms-shared" \
下面是openssl的
"--enable-http2" \ "--enable-ssl-staticlib-deps" \ "--with-ssl=/usr/local/lib_http2" \
开始编译Apache
./build apache
3最后编辑httpd文件加入http/2支持语句
echo 'ProtocolsHonorOrder On' >> /etc/httpd/conf/extra/httpd-includes.conf echo 'Protocols h2 h2c http/1.1' >> /etc/httpd/conf/extra/httpd-includes.conf
更新SSL Ciphers[]
cd /usr/local/directadmin/custombuild ./build rewrite_confs
vi /etc/httpd/conf/extra/httpd-ssl.conf
添加
ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:
来源:
http://www.hostsoft.cn/blog/2015/11/15/directadmin-qi-yong-http-2-zhi-chi/
http://forum.directadmin.com/showthread.php?t=52590
此处评论已关闭