3.17 Web Services

In Oracle Linux 8, the following web service features, enhancements, and changes are introduced:

  • Apache Tomcat package is not available in Oracle Linux 8.  The Apache Tomcat software package that was available in Oracle Linux 7 is no longer included in Oracle Linux 8.

  • Apache HTTP Server updated to version 2.4.35.  Oracle Linux 8 includes Apache HTTP Server version 2.4.35, which provides several improvements over the previous version of Apache.

    This version of the Apache HTTP Server includes the following changes:

    • HTTP/2 available in Oracle Linux 8.  HTTP/2 has been added in this release and is provided by the mod_http2 package. This package is included in the httpd module.

    • Automated TLS certificate provisioning.  Oracle Linux 8 includes automated TLS certificate provisioning and renewal by using the Automatic Certificate Management Environment (ACME) protocol through the mod_md package has been added. The mod_md package is used with certificate providers such as Let’s Encrypt.

    • TLS certificate loading added.  The Apache HTTP Server now includes capability for loading TLS certificates and private keys from hardware security tokens directly from PKCS#11 modules. Additionally, mod_ssl configuration can now use PKCS#11 URLs to identify the TLS private key, and optionally, the TLS certificate in the SSLCertificateKeyFile and SSLCertificateFile directives.

    • Multi-processing module changed to high-performance multi-thread event model.  The multi-processing module (MPM) that the Apache HTTP Server configures by default has changed to a high-performance, multi-threaded event model. Previously, the multi-process forked model (also known as prefork) was used. Note that you must replace or remove any third-party modules that are not thread-safe. To change the MPM that is currently configured, edit the /etc/httpd/conf.modules.d/00-mpm.conf file by following the directions documented in the httpd.service(8) man page.

  • Availability of HTTP for nginx 1.14 web and proxy server.  The nginx 1.14 web and proxy server includes support for HTTP and other protocols by providing high currency performance with low-memory usage. Previously, nginx was only available as a Software Collection.

    The nginx web server also provides support for loading TLS certificates and private keys from hardware security tokens, directly from PKCS#11 modules. As a result, an nginx configuration can use PKCS#11 URLs to identify the TLS private key in the ssl_certificate_key directive.