Dear managers, thanks to Christophe Dupre <duprec@scorec.rpi.edu> "Luc I. Suryo" <luc@suryo.com> and others. I was finally able to build Apache from source on Solaris 9 and get ssl to work. I thought this would be less tricky. First to Apache 2.x. These sources did not build for me. I got this error /usr/share/src/httpd-2.0.50/srclib/apr/libtool --silent --mode=compile gcc -g -O2 -pthreads -DSOLARIS2=9 -D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT -DAP_HAVE_DESIGNATED_INITIALIZER -I/usr/share/src/httpd-2.0.50/srclib/apr/include -I/usr/src/httpd-2.0.50/srclib/apr/include -I/usr/share/src/httpd-2.0.50/srclib/apr-util/include -I/usr/src/httpd-2.0.50/srclib/apr-util/include -I/usr/src/httpd-2.0.50/srclib/apr-util/xml/expat/lib -I. -I/usr/src/httpd-2.0.50/os/unix -I/usr/src/httpd-2.0.50/server/mpm/prefork -I/usr/src/httpd-2.0.50/modules/http -I/usr/src/httpd-2.0.50/modules/filters -I/usr/src/httpd-2.0.50/modules/proxy -I/usr/src/httpd-2.0.50/include -I/usr/src/httpd-2.0.50/modules/generators -I/usr/local/ssl/include/openssl -I/usr/local/ssl/include -I/usr/src/httpd-2.0.50/modules/dav/main -prefer-non-pic -static -c exports.c && touch exports.lo exports.c:1574: error: redefinition of 'ap_hack_apr_base64_encode_len' exports.c:177: error: previous definition of 'ap_hack_apr_base64_encode_len' was here exports.c:1575: error: redefinition of 'ap_hack_apr_base64_encode' ... According to google this is a known bug and replacing build/make_exports.awk with a newer version is supposed to fix it, but I didn't find a newer version, so this did not get me any further. I then retried to build apache 1.3.27 and finally was successfull. First forget openssl 0.9.6. It has a bug that does not allow you to create reasonable signatures and certificates. openssl-0.9.7e seems a good choice. Second there is a bug in mod_ssl that breaks the compilation of apache, since some bad file is recreated by flex during the build process, which breaks the whole thing. So here is what has worked for me on Solaris 8 and Solaris 9. Get the apache sources and unpack. cd /usr/src ftp sunsite.informatik.rwth-aachen.de cd /pub/mirror/ftp.sunfreeware.com/SOURCES passive bin get apache-1.3.27.tar.gz get mod_ssl-2.8.12-1.3.27.tar.gz get openssl-0.9.7e.tar.gz quit gunzip apache-1.3.27.tar.gz tar xvf apache-1.3.27.tar gunzip mod_ssl-2.8.12-1.3.27.tar.gz tar xvf mod_ssl-2.8.12-1.3.27.tar gunzip openssl-0.9.7e.tar.gz tar xvf openssl-0.9.7e.tar Build openssl. cd openssl-0.9.7e ./config make make test make install cd .. Apply a patch to the Apache sources and build apache. cd mod_ssl-2.8.12-1.3.27 ./configure --with-apache=../apache_1.3.27 cd .. cd apache_1.3.27 export SSL_BASE=/usr/local/ssl ./configure --prefix=/usr/local/apache --enable-module=all --enable-shared=max --enable-module=so --enable-module=ssl --enable-shared=ssl --enable-module=most --disable-module=auth_db cp /usr/src/mod_ssl-2.8.12-1.3.27/pkg.sslmod/ssl_expr_scan.c /usr/src/apache_1.3.27/src/modules/ssl/ssl_expr_scan.c make make certificate TYPE=custom make install cd .. Now build mod_ssl (it seems that this is not really necessary). cd mod_ssl-2.8.12-1.3.27 ./configure --with-ssl=../openssl-0.9.6i --with-apxs=/usr/local/apache/bin/apxs make make install The following command gives a list of available and statically linked modules. /usr/local/apache/bin/httpd -l We now need to set the correct ServerName in httpd.conf. All other values should have been automatically set by the build process. Make sure no other httpd daemon is running. pico /usr/local/apache/conf/httpd.conf tail -f /usr/local/apache/logs/error_log /usr/local/apache/bin/apachectl startssl /usr/local/apache/bin/apachectl start Building from sources creates a start script with the start options start and startssl. The package from sunfreeware.com does not know about startssl. Regards, Andreas > -----Original Message----- > From: sunmanagers-bounces@sunmanagers.org > [mailto:sunmanagers-bounces@sunmanagers.org] On Behalf Of Andreas > Hvschler > Sent: Saturday, December 18, 2004 12:22 AM > To: sunmanagers@sunmanagers.org > Subject: Apache with mod_ssl on Solaris 9 (from source) > > Dear managers, > > I am still trying to get this working. Somebody mentioned that there > was a problem with the openssl 0.9.6i package from sunfreeware.com. > Therefore I decided to install from source. I did the following: > > gunzip apache-1.3.27.tar.gz > tar xvf apache-1.3.27.tar > > gunzip mod_ssl-2.8.12-1.3.27.tar.gz > tar xvf mod_ssl-2.8.12-1.3.27.tar > > gunzip openssl-0.9.6i.tar.gz > tar xvf openssl-0.9.6i.tar > > Build OpenSSL. > > cd openssl-0.9.6i > ./config > make > make test > make install > cd .. > > Apply a patch to the Apache sources and build apache. > > cd mod_ssl-2.8.12-1.3.27 > ./configure --with-apache=../apache_1.3.27 --with-eapi-only > cd .. > > cd apache_1.3.27 > ./configure --prefix=/usr/local/apache --enable-module=all > --enable-shared=max --enable-rule=EAPI --with-layout=Apache > --disable-module=auth_db > make > make install > cd .. > > Now build mod_ssl > > cd mod_ssl-2.8.12-1.3.27 > ./configure --with-ssl=../openssl-0.9.6i > --with-apxs=/usr/local/apache/bin/apxs > make > make install > > The follwing command gives a list of available and statically linked > modules. > > /usr/local/apache/bin/httpd -l > > Compiled-in modules: > http_core.c > mod_so.c > suexec: disabled; invalid wrapper /usr/local/apache/bin/suexec > > Create certificate. > > cd /usr/local/ssl/certs > ... > ... > cp server.key /usr/local/apache/conf/advanced-it.key > cp server.crt /usr/local/apache/conf/advanced-it.crt > > I then edited httpd.conf > > Port 80 > Listen 80 > Listen 443 > ServerAdmin ahoesch@advanced-it.org > ServerName www.advanced-it.org > > <VirtualHost _default_:443> > SSLEngine on > SSLCertificateFile /usr/local/apache/conf/advanced-it.crt > SSLCertificateKeyFile /usr/local/apache/conf/advanced-it.key > BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 > force-response-1.0 > SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown > </VirtualHost> > > and started the guy. Now I get > > /usr/local/apache/bin/apachectl start > > Syntax error on line 1054 of /usr/local/apache/conf/httpd.conf: > Invalid command 'SSLEngine', perhaps mis-spelled or defined by a module > not included in the server configuration > /usr/local/apache/bin/apachectl start: httpd could not be started > > I hoped the above process from sunfreeware.com would setup apache with > mod_ssl. What is still missing? Thanks a lot! > > Regards, > > Andreas > _______________________________________________ > sunmanagers mailing list > sunmanagers@sunmanagers.org > http://www.sunmanagers.org/mailman/listinfo/sunmanagers _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Sat Dec 18 06:32:02 2004
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:41 EST