Tutorial
Compile & Install 1
Note: Adjust version numbers to reflect the packages you downloaded.
-
Login to your WebVoyage server.
-
Become superuser. (The dash gets you needed environment variables from /etc/profile and /.profile.)
su -
-
Copy the downloaded software tarballs to the /tmp directory.
cp /your_path_to_the/ssl_downloads/*.tar.gz /tmp
-
Change to the /tmp directory.
cd /tmp
-
Unzip and extract the OpenSSL package.
gzip -d -c openssl-0.9.6.tar.gz | tar xvf -
-
Change to the newly created directory.
cd openssl-0.9.6
-
For Solaris, you will have to edit Makefile in order to change the RANLIB variable.
(Always make a backup copy before editing a configuration file.)
cp Makefile Makefile.orig
vi Makefile
(For Solaris, replace "RANLIB=/usr/bin/ranlib" with "RANLIB=/usr/ccs/bin/ranlib"; Use the "which" command to verify the path to ranlib. If it says "no ranlib in..." then make sure root's PATH variable includes the paths needed for this installation. See Tutorial Prerequisites.)
-
Configure for your system.
sh config -fPIC
(use -fPIC if using the gcc compiler; -KPIC with the Sun Workshop cc compiler)
-
Compile, test, and install.
make
make test
make install
-
Return to the /tmp directory.
cd /tmp
|
MM Shared Memory Library - optional
|
Do this part if you want to include shared memory support in the Apache extended application programming interface (Apache/EAPI).
-
Unzip and extract the MM package.
gzip -d -c mm-1.1.3.tar.gz | tar xvf -
-
Change to the newly created directory.
cd mm-1.1.3
-
Configure.
./configure --disable-shared
-
Compile.
make
-
Return to the /tmp directory.
cd /tmp
-
Unzip and extract the Apache package.
gzip -d -c apache_1.3.19.tar.gz | tar xvf -
-
Unzip and extract the mod_ssl package.
gzip -d -c mod_ssl-2.8.2-1.3.19.tar.gz | tar xvf -
-
Change to the newly created directory.
cd mod_ssl-2.8.2-1.3.19
-
Apply mod_ssl to the Apache source tree.
./configure \
--with-apache=../apache_1.3.19 \
--enable-shared=ssl
(Note: A backslash ("\") allows a command to span multiple lines by escaping the newline character.)
-
Return to the /tmp directory.
cd /tmp
This is where you would add other modules to the Apache source tree. We are using mod_perl as an example, because it is among the most popular. Also, mod-perl is included in the default Solaris 8 Apache install, so including it will maintain the functionality that you already have (or will have after the OS upgrade).
-
Unzip and extract the mod_perl package.
gzip -d -c mod_perl-1.25.tar.gz | tar xvf -
-
Change to the newly created directory.
cd mod_perl-1.25
-
Apply mod_perl to the Apache source tree.
perl Makefile.PL \
EVERYTHING=1 \
APACHE_SRC=../apache_1.3.19/src \
USE_APACI=1 \
PREP_HTTPD=1 \
DO_HTTPD=1
(Note: Unless you installed them yourself, you'll get error messages that LWP::UserAgent and HTML::HeadParser can't be found since they are modules that aren't a part of the default Perl distribution. Their absence means you won't be able to run make test, but that is okay.)
-
Compile and install.
make
make install
-
Return to the /tmp directory.
cd /tmp
This is where we build and install Apache with all the fixin's. If you chose not to include MM and mod_perl, then omit the blue parts of the following commands.
-
Change to the Apache directory.
cd apache_1.3.19
-
Set environment variables showing the path to the OpenSSL installed earlier (/usr/local/ssl is the default OpenSSL install location) and the MM source.
SSL_BASE=/usr/local/ssl \
EAPI_MM=../mm-1.1.3
-
Configure Apache with mod_ssl, mod_perl, and MM.
./configure \
--enable-module=ssl \
--activate-module=src/modules/perl/libperl.a \
--enable-module=perl \
--prefix=/path/to_install/apache
(Important Note: If you don't specify an install path with "--prefix=/path_where_you_want/apache", Apache will default install to /usr/local/apache. That is a fine place for it and that's where I put it. However, if you currently have Apache installed there and don't want to overwrite any of those files, you must specify another path.
If this is your first time installing Apache, I highly recommend that you install it separately from your current Apache. Then you can configure/test/play with it at your leisure, and when you are satisfied that it works to your satisfaction, make it your operational version. But until then, don't screw around with your current operational version of Apache.)
-
Compile.
make
-
Make a test certificate.
make certificate
(Note: make certificate defaults to TYPE=test, which is as good a choice as any. [Unless you already have an existing certificate.] As you proceed here, the program will ask you various questions. Watch out for when it asks you whether you want to encrypt your key. Answer no! Is it less secure to have an unencrypted key? Yes it is. However if you encrypt your key, you have to be present to supply the pass phrase every time secure Apache is started, including if the server happens to reboot at 3:30am on a Sunday morning. It's your call. :-)
-
Install.
make install
-
Return to the /tmp directory.
cd /tmp
You may need the openssl utility later on (e.g. for creating keys and/or CSRs), so either remember where it got installed (/usr/local/ssl/bin) or add the directory to your PATH variable. While you're at it, add it's man page directory (/usr/local/ssl/man) to MANPATH.
You're done! (With the hard part, anyway :-) You can delete the no-longer needed software source files in the /tmp directory or leave them there for Solaris to delete at the next reboot. Now it's time for the Apache and WebVoyage post-install configuration.
-
These instructions are derived from the mod_ssl Unix INSTALL file. Please look over both documents. If you have any questions regarding my deviations from the mod_ssl instructions, drop me a line at doran@uta.edu.
|
