Available the release of Apache HTTP Server 2.4.63, which includes the following changes:
- The experimental module Mod_TLS, built on top of rustls, has been removed. This module is now being developed separately. The unstable API Rustls was cited as the reason for removal, along with the mismatch of the development cycles between Rustls and Apache Httpd.
- The Mod_MD module has been updated, used to automate the receipt and maintenance of certificates using the ACME (Automatic Certificate Management Environment) protocol. Issues with updating certificates have been resolved, and improvements have been made in providing error information when checking domains. Verification checks have also been increased.
- The LDAP-SEARCH option has been added to Mod_authnz_LDAP, allowing authorization of an arbitrary expression not limited to the user’s name.
- In Mod_LUA, an entry to the parameter r.ap_auth_type has been allowed.
- The ability to read PKCS#11 keys has been restored to MOD_SSL when using a cryptodev without a tuned value “SSLCRYPTODEVICE”.
- In the HTTP protocol handler, support for the REQUEST-RANGE header (not to be confused with the header range), which was sent by Netscape Navigator 2-3 and MSIE 3.
/Reports, release notes, official announcements.