"Brian D. Kohl" wrote:
[...]
> Love these lists! I just documented the full set of steps I went batty
> figuring out with mod_perl and mod_ssl w/APACI Apache 1.3.6 this week. See
> directions I setup below (I also added the mod_auth_anon, mod_cern_meta and
> mod_speling in there too, below):
Hat's off to Brian who gave me the clues I needed to actually get
everything running! (with a few minor tweaks)
If you're trying to build the whole lot on RedHat 6.0, here's the
skinny...
Above all, be sure to have many, if not all of the devel libs
installed. If you don't and later experience problems, don't say you
weren't warned. :-)
Before I proceed .. there =is= a problem with mod_rewrite under RedHat
6.0. Not only is ndbm.h in the wrong place (/usr/include/db1 vs.
/usr/include), but even if you either symlink, hardlink, or copy it to
the correct place, mod_rewrite will =still= gag your build of Apache.
[Ralph .. any chance on updating mod_rewrite to use gdbm? ndbm is pretty
depricated at this point AFAIK.. I'd take the patch on, but I have a
deadline looming in my near future]
Feel free to include this in the dist as a build note for RH6.0 .. note
I used 'gcc' and not one of the linux variants in the Configure stage of
openssl..
1) Download and untar the five main tarballs (and get the rsa patch for
openssl). rsaref20.tar.Z (use http://ftpsearch.lycos.com to find a
copy), openssl-0.9.2b, openssl-0.9.2b-rsaoaep.patch,
mod_ssl-2.2.8-1.3.6.tar.gz, mod_perl-1.19.tar.gz, apache_1.3.6.tar.gz.
I like building in /var/tmp .. but that's just me, it really doesn't
matter.
2) Expand and prepare the archives...
mkdir rsaref-2.0
mv rsaref20.tar.Z rsaref-2.0/
gzip -cd apache_1.3.6.tar.gz | tar -xf -
gzip -cd mod_perl-1.19.tar.gz | tar -xf -
gzip -cd mod_ssl-2.2.8-1.3.6.tar.gz | tar -xf -
gzip -cd openssl-0.9.2b | tar -xf -
mv openssl-0.9.2b-rsaoaep.patch openssl-0.9.2b/; cd openssl-0.9.2b
patch -p0 <openssl-0.9.2b-rsaoaep.patch
cd ../rsaref-2.0
gzip -cd rsaref20.tar.Z | tar -xf -; tar -xf rsaref.tar
(at this point, you should be in ./rsaref-2.0 and everything is prepped)
2) Build RSAref...
cp -rp install/unix local
cd local
make
mv rsaref.a librsaref.a
cd ../..
3) Build openssl...
cd openssl-0.9.2b
make -f Makefile.ssl links
perl ./Configure gcc \
-DRSAref -lRSAglue \
-L`pwd`/../rsaref-2.0/local/ -lrsaref
cp rsaref/rsaref.h include/
make
cd ../
4) Build mod_ssl...
cd mod_ssl-2.2.8-1.3.6
./configure --with-apache=../apache_1.3.6 \
--with-ssl=../openssl-0.9.2b \
--with-rsa=../rsaref-2.0/local \
--prefix=/usr/local/apache \
--disable-rule=SSL_COMPAT
cd ../
5) Build mod_perl...
cd mod_perl-1.19
perl Makefile.PL APACHE_SRC=../apache_1.3.6/src \
DO_HTTPD=1 USE_APACI=1 PREP_HTTPD=1
EVERYTHING=1 PERL_SSI=1
make
make test (assuming you have LWP installed)
make install
cd ../
6) Build apache...
cd apache_1.3.6
./config.status --prefix=/usr/local/apache \
--activate-module=src/modules/perl/libperl.a \
--enable-module=most \
--disable-module=rewrite
make
(follow the on-screen notes about the next step!!)
make certificate
make install
(you'll notice I'm something of a glutton when it comes to modules..
hey, it's only memory.. :-)
7) Test your beautiful new baby...
/usr/local/apache/bin/apachectl startssl
et voila .. one gloriously wonderful new mod_ssl + mod_perl + Apache
running on RedHat 6.0!
Now.. do the truly geekful thing of building a Squid accelerator and
stuffing the normal Apache process up on :8080, your accelerator on :80,
bypass your mod_perl and SSL content in the Squid conf file and you'll
have one screaming machine... assuming you have a plethora of memory and
decent drive space.
Once you've got that running.. you've built the One True Server. ;-)
Brian .. thanks again .. I owe ya a beer or two!
--
Regards,
Dave
P: [EMAIL PROTECTED] W: [EMAIL PROTECTED]
Ubergeek - AnglersWeb, Inc / W3Works, LLC
Data Monger - Gestalt Technology, LLC
"Why is the machine faster?"
"We lubricated the sticky bits, it's much smoother now."
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
