The Apache Portable Runtime Project

Get Involved

  • Subversion
  • Mailing Lists
  • Build on Win32
  • Build on Unix
  • Download!

  • from a mirror
  • APR Docs

  • Version 1.5
  • Version 1.6 (dev preview)
  • Trunk APR 2.0 (dev preview)
  • APR-util Docs

  • Version 1.5
  • Version 1.6 (dev preview)
  • Trunk APR 2.0 (dev preview)
  • APR-iconv Docs

  • Version 1.2
  • Trunk (dev preview)
  • Guidelines

  • Project Guidelines
  • Contributing
  • Version Numbers
  • Miscellaneous

  • License
  • Security Reports
  • Projects using APR
  • Sponsors
  • Sponsorship
  • Downloading the Apache Portable Runtime

    Use the links below to download the Apache Portable Runtime from one of our mirrors. You must verify the integrity of the downloaded files using signatures downloaded from our main distribution directory.

    Only current recommended releases are available on the main distribution site and its mirrors. Older releases are available from the archive download site.


    The currently selected mirror is If you encounter a problem with this mirror, please select another mirror. If all mirrors are failing, there are backup mirrors (at the end of the mirrors list) that should be available.

    Other mirrors:

    You may also consult the complete list of mirrors.

    APR 1.5.2 is the best available version

    APR is the base portability library.

    APR-util 1.5.4 is the best available version

    APR-util provides a number of helpful abstractions on top of APR.

    APR iconv 1.2.1 is the best available version

    APR-iconv provides a portable iconv() implementation built on top of APR. It is generally of interest only where no system provided iconv() is available (either in libiconv, or libc as applicable). An example is the Windows platform, where APR-iconv is required to enable the APR-util library's apr_xlate feature.

    Verify the integrity of the files

    It is essential that you verify the integrity of the downloaded files using the PGP or MD5 signatures. Please read Verifying Apache HTTP Server Releases for more information on why you should verify our releases. (The same rationale applies to APR as to HTTP Server.)

    The PGP signatures can be verified using PGP or GPG. First download the KEYS as well as the asc signature file for the particular distribution. Make sure you get these files from the main distribution directory, rather than from a mirror. Then verify the signatures using

    % pgpk -a KEYS
    % pgpv apr-1.0.1.tar.gz.asc
    % pgp -ka KEYS
    % pgp apr-1.0.1.tar.gz.asc
    % gpg --import KEYS
    % gpg --verify apr-1.0.1.tar.gz.asc

    Alternatively, you can verify the MD5 and/or SHA1 signature on the files. An MD5 hash consists of a 32 character string (example: d41d8cd98f00b204e9800998ecf8427e), and a SHA1 hash consists of a 40 character string (example: da39a3ee5e6b4b0d3255bfef95601890afd80709). To verify the hash on a file, generate a hash string of your own on the file, and compare the hash string you get with the hash string published inside the signature files. A unix program called md5 or md5sum is included in many unix distributions. It is also available as part of GNU Textutils. Windows users can get binary md5 programs from here, here, or here.

    Copyright © 2008-2017, The Apache Software Foundation