Getting Started with Apache 1.3 Page 3

The latest and greatest released version of Apache is always available from the Apache Web site in the /dist/ location: <URL:http://www.apache.org/dist/>. If you look at that page, one of the first things you'll see is a link to a way of finding a distribution point, or mirror, that's closer to you.

The Apache Software Foundation only supports downloading using HTTP and the Web; FTP repositories are not provided. Mirror sites may or may not provide FTP access to their distribution areas.

Exactly how you download the software depends on your Web browser, but it may be as simple as holding down the 'Shift' key and clicking on the name of the file.

There are two types of packages you can download from the Apache site:

  1. Packages containing only the Web server source code, and
  2. Packages containing the source code and a pre-built binary.

The source-only packages are located in the top directory of the URL listed above; the prebuilt binaries are located in subdirectories underneath the /binaries/ folder.

Package naming

The Apache packages are named according to a formula:

  • The word 'apache', followed by
  • the three-component version number (e.g., '1.3.12'), followed by
  • optional suffix information (such as 'win32' to stress that the package is for Windows, or 'i386-whatever-linux2', which indicates a package built for Linux systems running on x86 hardware with a 2.* kernel version), followed by
  • package-type information (such as '.exe', or '.tar.gz')

A package that is missing the optional suffix information, such as 'apache_1.3.12.tar.gz', is a source-only package. If you download such you will have to compile and build the server yourself from scratch. Packages that include the optional suffix have been pre-built for the named platform, but they also include the source code in case you want or need to rebuild the server yourself.

The version number is very important. It's read from left to right, and each component is treated as a number in its own right. So the package named 'apache_1.3.12.tar.gz' contains version '1.3.12', which is pronounced 'one point three point twelve,' and is more recent than '1.3.9'.

Signature Files

In addition to the packages themselves, there are frequently accompanying signature files. These are used to verify that the packages were really built by the Apache developers, and have the same name as the package with either a '.asc' or '.md5' suffix attached. To use these, you will need either something that can read and verify PGP signatures (such as PGP itself), or a tool that can generate MD5 checksums.

The MD5 checksum, if one is provided for the package, is easier to check. You simply use your MD5 checksumming tool to generate a checksum of the package, and then you compare that value with what's in the .md5 file. For example:

    % md5sum apache_1.3.12.tar.gz
    de3ccff384b0d4ab94c3251cb85d49d2  apache_1.3.12.tar.gz
    % cat apache_1.3.12.tar.gz.md5
    MD5 (apache_1.3.12.tar.gz) = de3ccff384b0d4ab94c3251cb85d49d2

This article was originally published on Jun 1, 2000

Thanks for your registration, follow us on our social networks to keep up-to-date