Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Compiling Apache with Secure Socket support Desktop
[5/18 5:00pm - Editor's update: Merlijn has sent me a new PDF, which includes two very important revisions. The first is the inclusion of tcsh (not bash) shell instructions, and the second is the actual compilation of mod_ssl. If you've downloaded the PDF, please do so again now to get the newest version.]

Merlijn Tishauser has written a very thorough how-to on installing:
  • The latest Apache (1.3.19) and ...
  • PHP 4.05 and ...
  • mod_ssl
mod_ssl is the Apache interface to OpenSSL, and you can read more about it on the mod_ssl web site. SSL stands for Secure Sockets Layer, which lets you speak to the web server using encrypted data streams (a gross simplification, I know, but it's the best I can do!).

Merlin has compiled his how-to into an easy-to-read PDF, which I have posted on my iDisk - Click here to download it. His how-to also contains a complete copy of his httpd.conf configuration file, in case you're having trouble getting your Apache configured.

If you're interested in creating secure servers, give Merlin's how-to a thorough reading. I have not done this on my machine, so I can't provide any first hand advice, but it looks to be well written and easy to understand.
    •    
  • Currently 2.00 / 5
  You rated: 2 / 5 (3 votes cast)
 
[3,979 views]  

Compiling Apache with Secure Socket support | 14 comments | Create New Account
Click here to return to the 'Compiling Apache with Secure Socket support' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Important update!!!!!!
Authored by: Gwyrrdin on May 18, '01 03:54:59AM
I forgot to mention that I used the BASH shell!!! This is very important on this step:
% cd apache_1.3.19
% SSL_BASE=../OpenSSL-3-1/openssl \
./configure \
--enable-module=ssl \
--activate-module=src/modules/php4/libphp4.a \
--enable-module=php4 \
--enable-shared=ssl
% make
Sorry for any troubles Merlijn Tishauser (aka Gwyrrdin)

[ Reply to This | # ]
PhP: --with-mysql
Authored by: Chas on May 19, '01 09:17:12AM

I am baffled by the PhP install. The configure flag --with-mysql=/path/to/mysql in particular has me stumped. From what I can tell, the "/path/to/mysql" has to be edited, and replaced with the real path, which is apparently /usr/local/mysql. Except I've been unable to get PhP to compile with any option like that, it craps out looking for the mysql libraries. Or am I a complete dunce, and it literally has to read "/path/to/mysql"..?



[ Reply to This | # ]
PhP: --with-mysql
Authored by: Gwyrrdin on May 19, '01 12:15:57PM

It has to be read as: path to mySQL :)
because this varies on the most OS X boxes....
on my machine it is /usr/local/mysql, on other it can be /usr/local/
etc etc etc.

Good luck



[ Reply to This | # ]
Another update
Authored by: Gwyrrdin on Jun 01, '01 03:42:35AM

Hello, I had to reinstall my OS X after buying a new HD and not taking the proper pre-cautions (And yes, I do make back-ups:) and also re-compiled my apache mod_ssl

update: my instructions DO work with apache 1.3.20 and mod_ssl 2.8.4

just replace mod_ssl and apache with the newer versions in the how-to

FYI

Merlijn



[ Reply to This | # ]
SSL_BASE not working...
Authored by: morgion on Jun 05, '01 11:05:48PM

I get the following error while in the apache directory and trying to execute the
SSL_BASE=../OpenSSL-3-1/openssl command:

SSL_BASE=../OpenSSL-3-1/openssl: Command not found.

I've followed all the instructions to the letter, so what could be the problem?



[ Reply to This | # ]
SSL_BASE not working...
Authored by: Gwyrrdin on Jun 06, '01 02:25:43AM
Which shell are you using? Be aware that SSL_BASE is for the the bash shell. For tcsh use:
setenv SSL_BASE=../OpenSSL-3-1/openssl 
./configure 
--enable-module=ssl 
--activate-module=src/modules/php4/libphp4.a 
--enable-module=php4 
--enable-shared=ssl
And when doing a lot of compiles, in this case four or five, it never hurts to do a double sync and rehash after each compile. Good luck Merlijn

[ Reply to This | # ]
SSL_BASE not working...
Authored by: Gwyrrdin on Jun 06, '01 09:16:04AM

don't forget the backslash after the setenv command....it has to be in front of the configure command....somehow it dissapeared in my prev. posting

SSL_BASE=../et/etc/etc <BACKSLASH>

Cheers

Merlijn



[ Reply to This | # ]
Thanks
Authored by: morgion on Jun 06, '01 01:10:27PM

Thought for sure I was using bash... doh. ;-)

What did you mean by doing a double sync and refresh after each compile?



[ Reply to This | # ]
Spoke too soon...
Authored by: morgion on Jun 06, '01 01:23:08PM
I was a little bit premature on my thanks. ;-) Now, using the setenv command, I get the following when entering the SSL_BASE and configure options:
[localhost:~/apache_1.3.19] morgion% setenv SSL_BASE=../OpenSSL-3-1/openssl
 -> ./configure
 -> --enable-module=ssl
 -> --activate-module=src/modules/php4/libphp4.a
 -> --enable-module=php4
 -> --enable-shared=ssl
setenv: Too many arguments.
According to my Terminal prog preferences, I am running tcsh. I also have the back slashes in there, at the end of every line except the last --enable, no spaces before or after the backslash.

[ Reply to This | # ]
Spoke too soon...
Authored by: Gwyrrdin on Jun 06, '01 04:11:04PM
hmmm the setenv command was advised to me by a so called unix wizz kid. That's the reason why I use bash :) resync-> unix/linux sytems don't write changes t the filesystem immediatly to the disk, but keep it in a buffer.
% sync
forces the sytem to write the changes to disk, doing it twice is somehow better then once, don't remember why. with rehash, you tell the shell to recognise any new binaries you just installed...it looks for those in his paths with the following command:
% rehash
also, for some odd reason, do this twice:) Cheers Merlijn

[ Reply to This | # ]
Spoke too soon...
Authored by: kfancher on Jun 08, '01 12:27:44AM

Don't use an = with setenv.

setenv SSL_BASE ../OpenSSL-3.1/openssl
./configure
etc...



[ Reply to This | # ]
Spoke too soon...
Authored by: kfancher on Jun 08, '01 12:36:34AM

Don't use an = with setenv.

setenv SSL_BASE ../OpenSSL-3.1/openssl
./configure
etc...



[ Reply to This | # ]
1.8.0 gdbm no compile--help
Authored by: themax on Aug 29, '01 04:25:36PM

Well there is a large problem I'm running into in the compilation of the gdbm....namely it doesn't know what platform it is compiling on....ANy Ideas? ./configure leads to a line stating that it doesn't know what host it is on.

Any help would be appreciated.

Thanks
Robert



[ Reply to This | # ]
1.8.0 gdbm no compile--help
Authored by: Gwyrrdin on Aug 30, '01 06:46:40AM
uhmm Time to revise the pdf...i;m working on it already, next version will include download locations...to stop the 5 emails a day asking where gdbm can be downloaded...use google! The next version will include compiles of snort, portsentry and a how to of how to enable the graphical features of php, so we can use snortalert as well... but here is the answer to your question:
%cp /usr/libexec/config.* .
in the gdbm directory does the trick good luck Merlijn

[ Reply to This | # ]