在瑞芯微RV1106板子上用gcc14.2本地编译安装apache2.4.63，开启http2和tls1.3，并且https支持XP系统的IE6-8浏览器
参考文章：https://blog.csdn.net/ZLK1214/article/details/138168428

瑞芯微RV1106从SD卡启动自己的busybox1.36.1根文件系统：https://zh.purasbar.com/post.php?t=32786
在fedora42上用arm-gnu-toolchain-14.2交叉编译器编译gcc14.2、gdb14.2和make4.4：https://zh.purasbar.com/post.php?t=32816

请注意一定要设置C_INCLUDE_PATH=/usr/include环境变量，否则编译会失败。
make[3]: Entering directory '/root/software/httpd-2.4.59/srclib/apr'
/bin/sh /root/software/httpd-2.4.59/srclib/apr/libtool --silent --mode=compile --tag=CC gcc -g -O2   -DHAVE_CONFIG_H  -DLINUX -D_REENTRANT -D_GNU_SOURCE -D_LARGEFILE64_SOURCE   -I./include -I/root/software/httpd-2.4.59/srclib/apr/include/arch/unix -I./include/arch/unix -I/root/software/httpd-2.4.59/srclib/apr/include/arch/unix -I/root/software/httpd-2.4.59/srclib/apr/include -I/root/software/httpd-2.4.59/srclib/apr/include/private -I/root/software/httpd-2.4.59/srclib/apr/include/private  -o encoding/apr_encode.lo -c encoding/apr_encode.c && touch encoding/apr_encode.lo
In file included from ./include/apr_encode.h:24,
                 from encoding/apr_encode.c:28:
./include/apr.h:632:2: error: #error no decision has been made on APR_PATH_MAX for your platform
  632 | #error no decision has been made on APR_PATH_MAX for your platform
      |  ^~~~~
make[3]: *** [/root/software/httpd-2.4.59/srclib/apr/build/apr_rules.mk:207: encoding/apr_encode.lo] Error 1
make[3]: Leaving directory '/root/software/httpd-2.4.59/srclib/apr'
make[2]: *** [/root/software/httpd-2.4.59/srclib/apr/build/apr_rules.mk:119: all-recursive] Error 1
make[2]: Leaving directory '/root/software/httpd-2.4.59/srclib/apr'
make[1]: *** [/root/software/httpd-2.4.59/build/rules.mk:75: all-recursive] Error 1
make[1]: Leaving directory '/root/software/httpd-2.4.59/srclib'
make: *** [/root/software/httpd-2.4.59/build/rules.mk:75: all-recursive] Error 1

工作目录：
mkdir -p /root/software/lamp
cd /root/software/lamp

【源码编译安装openssl-1.1.1w】
之前弄wifi的时候已经编译安装好了。
（编译时记得设置enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers选项，这样才能让https支持XP系统的IE6-8浏览器）
见https://zh.purasbar.com/post.php?t=32786

【源码编译安装nghttp2-1.66.0（不需要绑定openssl）】
wget https://github.com/nghttp2/nghttp2/releases/download/v1.66.0/nghttp2-1.66.0.tar.gz --no-check-certificate
tar xf nghttp2-1.66.0.tar.gz
cd nghttp2-1.66.0
./configure --prefix=/opt/nghttp2-1.66.0 --enable-shared
make
make install
cd ..

【编译安装apache前所需的软件包】
在板子上编译安装pcre2-10.45软件包：
wget https://github.com/PCRE2Project/pcre2/releases/download/pcre2-10.45/pcre2-10.45.tar.bz2 --no-check-certificate
tar xf pcre2-10.45.tar.bz2
cd pcre2-10.45
./configure
make
make install
ldconfig
cd ..

在板子上编译安装zlib-1.3.1软件包：
wget https://www.zlib.net/zlib-1.3.1.tar.gz --no-check-certificate
tar xf zlib-1.3.1.tar.gz
cd zlib-1.3.1
./configure
make
make install
ldconfig
cd ..

在板子上编译安装expat-2.7.1软件包：
wget https://github.com/libexpat/libexpat/releases/download/R_2_7_1/expat-2.7.1.tar.gz --no-check-certificate
tar xf expat-2.7.1.tar.gz
cd expat-2.7.1
./configure
make
make install
ldconfig
cd ..

在板子上编译安装perl-5.40.2软件包：
wget https://www.cpan.org/src/5.0/perl-5.40.2.tar.gz --no-check-certificate
tar xf perl-5.40.2.tar.gz
cd perl-5.40.2
./configure.gnu
make
make install
ldconfig
cd ..

在板子上编译安装libxcrypt-4.4.38软件包：
wget https://github.com/besser82/libxcrypt/releases/download/v4.4.38/libxcrypt-4.4.38.tar.xz --no-check-certificate
tar xf libxcrypt-4.4.38.tar.xz
cd libxcrypt-4.4.38
./configure
make
make install
ldconfig
cd ..

【源码编译安装apache-2.4.63】
wget https://dlcdn.apache.org/httpd/httpd-2.4.63.tar.gz --no-check-certificate
tar xf httpd-2.4.63.tar.gz
cd httpd-2.4.63/srclib
wget https://dlcdn.apache.org/apr/apr-1.7.6.tar.gz --no-check-certificate
tar xf apr-1.7.6.tar.gz
mv apr-1.7.6 apr
wget https://dlcdn.apache.org/apr/apr-util-1.6.3.tar.gz --no-check-certificate
tar xf apr-util-1.6.3.tar.gz
mv apr-util-1.6.3 apr-util
cd ..

./configure --prefix=/opt/httpd-2.4.63 --enable-deflate --enable-expires --enable-mpms-shared=all --with-mpm=event --enable-rewrite --enable-so --with-included-apr --enable-ssl --enable-modules=most --enable-mods-shared=all --enable-http2 --with-nghttp2=/opt/nghttp2-1.66.0

执行这条命令的时候本人遇到了configure: error: cannot compute sizeof (pid_t)的错误。
笔者单独找了个地方wget http://archive.apache.org/dist/apr/apr-1.7.4.tar.gz --no-check-certificate。
./configure报一样的错误。修改configure第2051行，if (sizeof (($2)))改成if (sizeof ($2))。
./configure报configure: error: cannot make gcc report undeclared builtins。
再把configure文件改回来，./configure就成功了。
回到httpd-2.4.63目录，什么都没改，就能configure成功。可能是缓存的问题吧。

make
make install
cd ..

关闭busybox自带的http服务器：
# ps aux | grep httpd
   83 root      0:00 httpd -h /var/www/html
  344 root      0:00 grep httpd
# kill -9 83

添加daemon用户和组：
（系统用户，且不可登录。-S表示编号从100开始）
addgroup -S daemon
adduser -G daemon -SDH daemon

启动apache服务器：/opt/httpd-2.4.63/bin/apachectl start
重启apache服务器：/opt/httpd-2.4.63/bin/apachectl restart
停止apache服务器：/opt/httpd-2.4.63/bin/apachectl stop

【生成sha1签名的https证书】
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -sha1 -keyout /opt/httpd-2.4.63/conf/server.key -out /opt/httpd-2.4.63/conf/server.crt
下面的内容不用填，直接按回车键就行了。
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:
Email Address []:

提示：sha1证书的兼容性好，完美支持原版win2000sp4系统的ie5和ie6浏览器，以及xp sp2和sp3系统的ie6-8浏览器。
但现在市场上销售的一般是sha256证书，xp sp3的ie6-8可以直接访问，但64位xp sp2需要安装KB968730补丁后ie6-8才能访问。
win2000sp4的ie5不支持sha256证书，访问https会无法显示网页。
win2000sp4的ie6要安装黑翼猫扩展内核后，才能访问使用了sha256证书的https网站。

【apache服务器启用https】
vi /opt/httpd-2.4.63/conf/httpd.conf
取消注释LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
取消注释LoadModule ssl_module modules/mod_ssl.so
取消注释Include conf/extra/httpd-ssl.conf

vi /opt/httpd-2.4.63/conf/extra/httpd-ssl.conf
将
SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES
修改为
SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4

将
SSLProtocol all -SSLv3
SSLProxyProtocol all -SSLv3
修改为
SSLProtocol all
SSLProxyProtocol all
（-SSLv3前面的减号表示禁止的意思，禁用了SSLv3的话IE6就打不开https网站了）

另外还要正确配置SSLCertificateFile和SSLCertificateKeyFile（https证书文件）。
如：
SSLCertificateFile /home/xxx/certificate/xxx.com.crt
SSLCertificateKeyFile /home/xxx/certificate/xxx.com.key

测试配置是否正确：/opt/httpd-2.4.63/bin/httpd -t（输出Syntax OK表示配置正确）
重启：/opt/httpd-2.4.63/bin/apachectl restart
经检验，IE6、IE8、edge、firefox均能正常访问https。

【apache服务器启用http2】
vi /opt/httpd-2.4.63/conf/httpd.conf
取消注释LoadModule http2_module modules/mod_http2.so
在文件末尾添加：
Protocols h2 http/1.1
LogLevel http2:info
重启：/opt/httpd-2.4.63/bin/apachectl restart

经检验，XP系统下的firefox52.9esr可以正常通过HTTP/2访问https，且不影响IE6-8的http/1.1访问。
XP系统下用mypal68浏览器访问https，采用的是tls1.3协议。

chrome49：

firefox52.9esr：

mypal68.14.4b：

supermium124：

手机edge浏览器：

[root@luckfox-rv1106 ~/software/lamp]# ps aux | grep httpd
  379 root      0:00 /opt/httpd-2.4.63/bin/httpd -k start
  584 daemon    0:00 /opt/httpd-2.4.63/bin/httpd -k start
  585 daemon    0:00 /opt/httpd-2.4.63/bin/httpd -k start
  586 daemon    0:00 /opt/httpd-2.4.63/bin/httpd -k start
  743 daemon    0:01 /opt/httpd-2.4.63/bin/httpd -k start
  806 root      0:00 grep httpd
[root@luckfox-rv1106 ~/software/lamp]# free -h
              total        used        free      shared  buff/cache   available
Mem:         215.4M       23.4M        4.4M      472.0K      187.6M      184.2M
Swap:             0           0           0
[root@luckfox-rv1106 ~/software/lamp]#

开机自动启动apache服务器：
vi /etc/init.d/rcS
删除里面的httpd -h /var/www/html语句
添加/opt/httpd-2.4.63/bin/apachectl start

Windows 2000 SP4的IE5浏览器访问https：

（服务器必须采用sha1签名的https证书）

Windows 2000 SP4（未安装黑翼猫扩展内核）的IE6浏览器访问https：

（服务器必须采用sha1签名的https证书）