'Re: [users@httpd] Where is a good SSL/TLS'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       apache-httpd-users
Subject:    Re: [users@httpd] Where is a good SSL/TLS
From:       "Larry Irwin (work)" <larry.irwin () ccamedical ! com>
Date:       2013-05-21 20:54:54
Message-ID: 519BDF1E.2060109 () ccamedical ! com
[Download RAW message or body]

Hi All,

I compile it on all kinds of kernel levels and the most irritating part 
is a round-robin issue with zlib-1.2.3 and zlib-1.2.5 and other base 
packages that require zlib...

To handle zlib, sometimes it can be scripted, But sometimes it must be 
run line-by-line at a bash prompt...
This is my current workaround to make zlib-1.2.3 available if an 
existing zlib-1.2.5 causes compilation issues:
===== Snippet =====
ShowMsg() {
   echo "Error $1 encountered while working on $PKG. Exiting."
   exit $1
}
echo '# all std libs' > /etc/ld.so.conf.d/allstdlibs.conf
echo '/lib' >> /etc/ld.so.conf.d/allstdlibs.conf
echo '/usr/lib' >> /etc/ld.so.conf.d/allstdlibs.conf
ldconfig
# Install/update zlib
PKG="zlib"
Here=`pwd`
mkdir -p tmp
cd $Here/tmp
tar xzf ../zlib-1.2.3.tar.gz || ShowMsg $?
cd $Here/tmp/zlib* || ShowMsg $?
./configure || ShowMsg $?
make || ShowMsg $?
make install || ShowMsg $?
./configure -s --prexfix=/usr/local || ShowMsg $?
make || ShowMsg $?
# if the above does not work in a scripted environment, try it by hand 
at the prompt
# or, in some *nixes, try the following in the scripted environment
# /bin/bash -c "cd $Here/tmp/zlib-1.2.3; make" || ShowMsg $?
make install || ShowMsg $?
cd $Here/tmp || ShowMsg $?
rm -r zlib* || ShowMsg $?
# Force rpath for dynamic libs for everything else
LD_RUN_PATH=/usr/local/lib
export LD_RUN_PATH
===== End Snippet =====

With that said, I compile openssl (from http://www.openssl.org/source/) 
with:
(I'm sure it will work with the current 1.0.0k as well...)
===== Snippet =====
tar xzf openssl-1.0.0g.tar.gz || exit $?
cd openssl-1.0.0g || exit $?
./config shared --prefix=/usr/local --openssldir=/usr/local/ssl || exit $?
make || exit $?
make test || exit $?
make install || exit $?
===== End Snippet =====

Then I fix up the library paths prior to compiling apache:
===== Snippet =====
echo '# /usr/local/lib[32|64]' > /etc/ld.so.conf.d/locallib.conf
[ -d /usr/local/lib ] && echo '/usr/local/lib' >> 
/etc/ld.so.conf.d/locallib.conf
[ -d /usr/local/lib64 ] && echo '/usr/local/lib64' >> 
/etc/ld.so.conf.d/locallib.conf
[ -d /usr/local/lib32 ] && echo '/usr/local/lib32' >> 
/etc/ld.so.conf.d/locallib.conf
[ -x /usr/local/lib/libssl.so.1.0.0 ] && {
   cd /usr/local/lib
   ln -s libssl.so.1.0.0 libssl.so.1
}
[ -x /usr/local/lib64/libssl.so.1.0.0 ] && {
   cd /usr/local/lib64
   ln -s libssl.so.1.0.0 libssl.so.1
}
[ -x /usr/local/lib32/libssl.so.1.0.0 ] && {
   cd /usr/local/lib32
   ln -s libssl.so.1.0.0 libssl.so.1
}
ldconfig
===== End Snippet =====

Then compile apache:
===== Snippet =====
tar xzf httpd-2.2.22.tar.gz || exit $?
cd httpd-2.2.22 || exit $?
LDFLAGS="-L/usr/local/lib"; export LDFLAGS
./configure --prefix=/usr/local/apache2 \
   --enable-so\
   --enable-cgi\
   --enable-info\
   --enable-rewrite\
   --enable-speling\
   --enable-usertrack\
   --enable-deflate \
   --enable-ssl\
   --enable-mime-magic\
   --with-ssl=/usr/local
make || exit $?
===== End Snippet =====

Then php, curl and related packages...
Hope that helps!
Larry

-- 
Larry Irwin
V.P. Development
CCA Medical
Ph: 864-233-2700 ext 225
Fax: 864-271-1755
Cell: 864-525-1322
Email: larryi@ccamedical.com
AIM: mkitwrk
Skype: larry_irwin
WinMsgr: larryi@ccamedical.com
About: http://about.me/larry_irwin


On 05/21/2013 04:05 PM, Smith, Burton wrote:
>
> I've been trying to figure out how to compile Apache 2.2 on Red Hat 
> Enterprise Linux Server release 6.4 (Santiago).  I can generate both 
> the "No recognized SSL/TLS toolkit detected" and "Error, SSL/TLS 
> libraries were missing or unusable" errors.  I assume that means I 
> have found the correct "--with-ssl" path based on various openSSL 
> configurations.  I know I need a good mod_ssl and mod_jk.  If there is 
> an alternate way to get the modules I'm missing, that would be cool too.
>
> ---
>
> Thanks,
>
> Burton L. Smith
>
> w:801-584-6164
>
> c:801-201-2897
>

[Attachment #3 (text/html)]

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
  <meta content="text/html; charset=ISO-8859-1"
 http-equiv="Content-Type">
  <title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
Hi All,<br>
<br>
I compile it on all kinds of kernel levels and the most irritating part
is a round-robin issue with zlib-1.2.3 and zlib-1.2.5 and other base
packages that require zlib...<br>
<br>
To handle zlib, sometimes it can be scripted, But sometimes it must be
run line-by-line at a bash prompt...<br>
This is my current workaround to make zlib-1.2.3 available if an
existing zlib-1.2.5 causes compilation issues:<br>
===== Snippet =====<br>
ShowMsg() {<br>
&nbsp; echo "Error $1 encountered while working on $PKG. Exiting."<br>
&nbsp; exit $1<br>
}<br>
echo '# all std libs' &gt; /etc/ld.so.conf.d/allstdlibs.conf<br>
echo '/lib' &gt;&gt; /etc/ld.so.conf.d/allstdlibs.conf<br>
echo '/usr/lib' &gt;&gt; /etc/ld.so.conf.d/allstdlibs.conf<br>
ldconfig<br>
# Install/update zlib<br>
PKG="zlib"<br>
Here=`pwd`<br>
mkdir -p tmp<br>
cd $Here/tmp<br>
tar xzf ../zlib-1.2.3.tar.gz || ShowMsg $?<br>
cd $Here/tmp/zlib* || ShowMsg $?<br>
./configure || ShowMsg $?<br>
make || ShowMsg $?<br>
make install || ShowMsg $?<br>
./configure -s --prexfix=/usr/local || ShowMsg $?<br>
make || ShowMsg $?<br>
# if the above does not work in a scripted environment, try it by hand
at the prompt<br>
# or, in some *nixes, try the following in the scripted environment<br>
# /bin/bash -c "cd $Here/tmp/zlib-1.2.3; make" || ShowMsg $?<br>
make install || ShowMsg $?<br>
cd $Here/tmp || ShowMsg $?<br>
rm -r zlib* || ShowMsg $?<br>
# Force rpath for dynamic libs for everything else<br>
LD_RUN_PATH=/usr/local/lib<br>
export LD_RUN_PATH<br>
===== End Snippet =====<br>
<br>
With that said, I compile openssl (from <a
 href="http://www.openssl.org/source/">http://www.openssl.org/source/</a>)
with:<br>
(I'm sure it will work with the current 1.0.0k as well...)<br>
===== Snippet =====<br>
tar xzf openssl-1.0.0g.tar.gz || exit $?<br>
cd openssl-1.0.0g || exit $?<br>
./config shared --prefix=/usr/local --openssldir=/usr/local/ssl || exit
$?<br>
make || exit $?<br>
make test || exit $?<br>
make install || exit $?<br>
===== End Snippet =====<br>
<br>
Then I fix up the library paths prior to compiling apache:<br>
===== Snippet =====<br>
echo '# /usr/local/lib[32|64]' &gt; /etc/ld.so.conf.d/locallib.conf<br>
[ -d /usr/local/lib ] &amp;&amp; echo '/usr/local/lib' &gt;&gt;
/etc/ld.so.conf.d/locallib.conf<br>
[ -d /usr/local/lib64 ] &amp;&amp; echo '/usr/local/lib64' &gt;&gt;
/etc/ld.so.conf.d/locallib.conf<br>
[ -d /usr/local/lib32 ] &amp;&amp; echo '/usr/local/lib32' &gt;&gt;
/etc/ld.so.conf.d/locallib.conf<br>
[ -x /usr/local/lib/libssl.so.1.0.0 ] &amp;&amp; {<br>
&nbsp; cd /usr/local/lib<br>
&nbsp; ln -s libssl.so.1.0.0 libssl.so.1<br>
}<br>
[ -x /usr/local/lib64/libssl.so.1.0.0 ] &amp;&amp; {<br>
&nbsp; cd /usr/local/lib64<br>
&nbsp; ln -s libssl.so.1.0.0 libssl.so.1<br>
}<br>
[ -x /usr/local/lib32/libssl.so.1.0.0 ] &amp;&amp; {<br>
&nbsp; cd /usr/local/lib32<br>
&nbsp; ln -s libssl.so.1.0.0 libssl.so.1<br>
}<br>
ldconfig<br>
===== End Snippet =====<br>
<br>
Then compile apache:<br>
===== Snippet =====<br>
tar xzf httpd-2.2.22.tar.gz || exit $?<br>
cd httpd-2.2.22 || exit $?<br>
LDFLAGS="-L/usr/local/lib"; export LDFLAGS<br>
./configure --prefix=/usr/local/apache2 \<br>
&nbsp; --enable-so\<br>
&nbsp; --enable-cgi\<br>
&nbsp; --enable-info\<br>
&nbsp; --enable-rewrite\<br>
&nbsp; --enable-speling\<br>
&nbsp; --enable-usertrack\<br>
&nbsp; --enable-deflate \<br>
&nbsp; --enable-ssl\<br>
&nbsp; --enable-mime-magic\<br>
&nbsp; --with-ssl=/usr/local<br>
make || exit $?<br>
===== End Snippet =====<br>
<br>
Then php, curl and related packages...<br>
Hope that helps!<br>
Larry<br>
<pre class="moz-signature" cols="72">-- 
Larry Irwin
V.P. Development
CCA Medical
Ph: 864-233-2700 ext 225
Fax: 864-271-1755
Cell: 864-525-1322
Email: <a class="moz-txt-link-abbreviated" \
                href="mailto:larryi@ccamedical.com">larryi@ccamedical.com</a>
AIM: mkitwrk
Skype: larry_irwin
WinMsgr: <a class="moz-txt-link-abbreviated" \
                href="mailto:larryi@ccamedical.com">larryi@ccamedical.com</a>
About: <a class="moz-txt-link-freetext" \
href="http://about.me/larry_irwin">http://about.me/larry_irwin</a></pre> <br>
On 05/21/2013 04:05 PM, Smith, Burton wrote:
<blockquote
 cite="mid:B39A95111432B04EB49CCA33F4D06C3801996E657F@WMSHOUXMB01.WILLIAMS.COM"
 type="cite">
  <meta http-equiv="Content-Type"
 content="text/html; charset=ISO-8859-1">
  <meta name="Generator" content="Microsoft Word 12 (filtered medium)">
  <style><!--
/* Font Definitions */
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Consolas;
	panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
p.MsoPlainText, li.MsoPlainText, div.MsoPlainText
	{mso-style-priority:99;
	mso-style-link:"Plain Text Char";
	margin:0in;
	margin-bottom:.0001pt;
	font-size:10.5pt;
	font-family:Consolas;}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:"Calibri","sans-serif";
	color:windowtext;}
span.PlainTextChar
	{mso-style-name:"Plain Text Char";
	mso-style-priority:99;
	mso-style-link:"Plain Text";
	font-family:Consolas;}
.MsoChpDefault
	{mso-style-type:export-only;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
  <div class="WordSection1">
  <p class="MsoPlainText">I've been trying to figure out how to compile
Apache 2.2 on Red Hat Enterprise Linux Server release 6.4 (Santiago).&nbsp;
I can generate both the "No recognized SSL/TLS toolkit detected" and
"Error, SSL/TLS libraries were missing or unusable" errors.&nbsp; I assume
that means I have found the correct "--with-ssl" path based on various
openSSL configurations.&nbsp; I know I need a good mod_ssl and mod_jk.&nbsp; If
there is an alternate way to get the modules I'm missing, that would be
cool too.<o:p></o:p></p>
  <p class="MsoNormal"><o:p>&nbsp;</o:p></p>
  <p class="MsoNormal"><span style="color: rgb(31, 73, \
125);">---<o:p></o:p></span></p>  <p class="MsoNormal"><span style="color: rgb(31, \
73, 125);">Thanks,<o:p></o:p></span></p>  <p class="MsoNormal"><span style="color: \
rgb(31, 73, 125);">Burton L. Smith<o:p></o:p></span></p>
  <p class="MsoNormal"><span style="color: rgb(31, 73, \
125);">w:801-584-6164<o:p></o:p></span></p>  <p class="MsoNormal"><span style="color: \
rgb(31, 73, 125);">c:801-201-2897<o:p></o:p></span></p>  <p \
class="MsoNormal"><o:p>&nbsp;</o:p></p>  </div>
</blockquote>
</body>
</html>



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic