Hugo: Problem here is CentOS come with openssl 0.98 and Cherokee requires openssl 1+. If I replace CentOS openssl with an 1.0 openssl everything will break because a lot of rpm's (like sshd) link to 0.98 libraries.
I tried to work it around by installing an openssl 1.0 in ANOTHER directory (/opt/openssl) and pointing out to the Cherokee configurator to read the openssl libraries from there and it never works. I don't know if I am doing it wrong or if something is wrong with Cherokee's configuration scripts. It's indeed a shame because there are thousands of CentOS 5.x servers at hosting providers (probably more than Debian/Ubuntu/etc.), and with the new changes in the Facebook API requiring SSL connection, SSL is a MUST nowadays. If I make this work I'll let you know, if anyone can help us work this around, please help. My logs are in the previous mails. Jorge S. On Wed, Oct 5, 2011 at 2:51 AM, Hugo Vazquez Carames <[email protected]>wrote: > Jorge, if you get it working, let me know. In the past I had the same > problem with CentOS 5.5. Right now I'm doing SSL encryption with nginx as a > reverse proxy in front of Cherokee. Very ugly solution...but the reality is: > > Cherokee + CentOS + SSL = problems > > I still can't figure out why there are packages for home linux distros but > there are not for enterprise ones, like RedHat or CentOS... > > As long there are no packages available for those arquitectures, there will > be always the same compiling problems due to the Redhat policy of being so > conservative with the software. Meanwhile, admins of big corporations think: > do I deploy Apache -standard package, 0 problems- or do I install Cherokee > -no standard package, and I need to compile it, compilation will not > work,...then I need to install newer libssl libraries...., and compilation > still will not work...- Ummmm, maybe I'll get a try to CHerokee next year > ;-) > > What a pity... > > Alvaro, can you see there are problems with Cherokee + CentOS/RedHat? Is it > technically impossible to solve this situation? Is it impossible to > statically compile all the stuff needed by Cherokee and create CentOS/RedHat > packages? I can figure out what is the problem... come on, we put a man on > the moon! ;-) > > Kind Regards, > > > On Wed, 05 Oct 2011 05:54:13 +0200, Jorge Sarmiento < > [email protected]> wrote: > > Hi!, I am still having this problem, anyone have any idea how can I fix >> it? >> >> I checked the config.log file and found this: >> >>> >>> configure:19603: gcc -std=gnu99 -o conftest -march=nocona -O3 >>> conftest.c >>> -lssl -L/opt/openssl-1.0.0e/lib -ldl >&5 >>> /usr/bin/ld: warning: libcrypto.so.1.0.0, needed by >>> /opt/openssl-1.0.0e/lib/**libssl.so, not found (try using -rpath or >>> -rpath-link) >>> >>> but the files are there: >>> >>> [root@server lib]# pwd >>> /opt/openssl-1.0.0e/lib >>> >>> [root@server lib]# ls -la >>> drwxr-xr-x 4 root root 4096 Sep 30 17:31 . >>> drwxr-xr-x 6 root root 4096 Sep 30 17:31 .. >>> drwxr-xr-x 2 root root 4096 Sep 30 17:31 engines >>> -rw-r--r-- 1 root root 3575530 Sep 30 17:31 libcrypto.a >>> lrwxrwxrwx 1 root root 18 Sep 30 17:31 libcrypto.so -> >>> libcrypto.so.1.0.0 >>> -r-xr-xr-x 1 root root 1968482 Sep 30 17:31 libcrypto.so.1.0.0 >>> -rw-r--r-- 1 root root 643388 Sep 30 17:31 libssl.a >>> lrwxrwxrwx 1 root root 15 Sep 30 17:31 libssl.so -> libssl.so.1.0.0 >>> -r-xr-xr-x 1 root root 403713 Sep 30 17:31 libssl.so.1.0.0 >>> drwxr-xr-x 2 root root 4096 Sep 30 17:31 pkgconfig >>> >>> Any suggestion? >>> >>> thanks for your time! >>> >>> Jorge S. >>> >>> >>> On Fri, Sep 30, 2011 at 3:16 PM, Alvaro Lopez Ortega < >>> [email protected]>wrote: >>> >>> Check the config.log file. It contains the internal details of every >>>> test >>>> performed by the configure script. >>>> >>>> -- >>>> Sent from my HTC >>>> >>>> >>>> ----- Reply message ----- >>>> From: "Jorge Sarmiento" <[email protected]> >>>> To: "cherokee" <[email protected]> >>>> Subject: [Cherokee] problem compiling with ssl support under CentOS 5 + >>>> openssl-1.0.0e built from sources >>>> Date: Fri, Sep 30, 2011 9:26 am >>>> >>>> >>>> Hi, >>>> >>>> I am trying to compile cherokee (latest trunk cherokee-1.2.99b6870) >>>> with >>>> SSL support under CentOS 5.7 >>>> >>>> I've compiled openssl-1.0.0e from sources using: >>>> ./config shared --prefix=/opt/openssl-1.0.0e && make && make install >>>> to avoid it overwriting native CentOS 5.7 OpenSSL rpm's >>>> >>>> And I'm trying to configure Cherokee using: >>>> ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var >>>> --disable-ipv6 --with-ldap=no --with-mysql=no --with-geoip=no >>>> --with-ffmpeg=no --with-wwwroot=/var/www/**cherokee/default/ >>>> --with-libssl=/opt/openssl-1.**0.0e --enable-static=yes >>>> --enable-static-module=all >>>> >>>> However I keep on getting: >>>> OpenSSL support no >>>> >>>> I've trying several combinations on the --with-libssl= value >>>> (/opt/openssl-1.0.0e /opt/openssl-1.0.0e/lib >>>> /opt/openssl-1.0.0e/include), >>>> but still no OpenSSL support after ./config >>>> >>>> Any ideas what I could be doing wrong? >>>> >>>> thanks! >>>> >>>> Jorge S. >>>> >>>> >>> >>> > > -- > --------------------- > > Hugo Vázquez Caramés > > "El trabajo que nunca se empieza es el que tarda más en finalizarse" (J. R. > R. Tolkien) > > "La mayoría de las personas gastan más tiempo y energías en hablar de los > problemas que en afrontarlos" (Henry Ford) > > "Lo imposible es el fantasma de los tímidos y el refugio de los cobardes" > (N. Bonaparte) > > ==============================**========================== > PENTEST Consultores > Tel: 93 3962070 / Fax: 93 3962001 > e-mail: [email protected] > ==============================**========================== > Gane credibilidad y confianza, visite http://www.pentest.es > > > Este e-mail es confidencial y destinado únicamente a la persona a la cual > va dirigido. Si Ud. no es el destinatario al cual va dirigido este e-mail o > lo recibe por error, queda advertido que cualquier uso, difusión,impresión o > copia de este mensaje está estrictamente prohibido. Si lo ha recibido por > error, por favor, notifíquelo al remitente del mensaje > > This email is confidential and intended solely for the use of the > individual to whom it is addressed. If you are not the intended recipient,be > advised that you have received this email in error and that any > use,dissemination, forwarding, printing or copying of this email is strictly > prohibited. If you have received this email in error please notify it to > sender. > >
_______________________________________________ Cherokee mailing list [email protected] http://lists.octality.com/listinfo/cherokee
