OS: Red Hat Enterprise Linux Server release 6.4 (Santiago)
The current yum installation of apache on this OS is 2.2.15. I require the latest 2.4.x branch so have gone about installing it manually. I have noted the complete procedure I undertook, including unpacking apr and apr-util sources into the apache sources beforehand, but I guess the following is the most important part of the procedure:
GATHER LATEST APACHE AND APR
$ cd ~
$ mkdir apache-src
$ cd apache-src
$ wget http://apache.insync.za.net//httpd/httpd-2.4.6.tar.gz
$ tar xvf httpd-2.4.6.tar.gz
$ cd httpd-2.4.6
$ cd srclib
$ wget http://apache.insync.za.net//apr/apr-1.5.0.tar.gz
$ tar -xvzf apr-1.5.0.tar.gz
$ mv apr-1.5.0 apr
$ rm -f apr-1.5.0.tar.gz
$ wget http://apache.insync.za.net//apr/apr-util-1.5.3.tar.gz
$ tar -xvzf apr-util-1.5.3.tar.gz
$ mv apr-util-1.5.3 apr-util
INSTALL DEVEL PACKAGES
yum update --skip-broken (There is a dependency issue with the latest Chrome needing the latest libstdc++, which is not available for RHEL and CentOS)
yum install apr-devel
yum install apr-util-devel
yum install pcre-devel
INSTALL
$ cd ~/apache-src/httpd-2.4.6
$ ./configure --prefix=/etc/httpd --enable-mods-shared="all" --enable-rewrite --with-included-apr
$ make
$ make install
NOTE: At the time of running the above, /etc/http is empty.
This seems to have gone fine until I attempt to start the httpd service. It seems that every module include in httpd.conf fails with a message similar to this one for mod_rewrite:
httpd: Syntax error on line 148 of /etc/httpd/conf/httpd.conf: Cannot load /etc/httpd/modules/mod_rewrite.so into server: /etc/httpd/modules/mod_rewrite.so: undefined symbol: ap_global_mutex_create
I've gone right through the list of enabled modules in httpd.conf and commented them out one at a time. All trigger an error as above, however the "undefined symbol: value" is often different (so not always ap_global_mutex_create).
Am I missing a step? Although I find a some portion of that error on Google, most of the solutions centre around the .so files not being reachable. That doesn't seem to be an issue here and the modules are present in /etc/http/modules.
NOTE: At the time of running the above, /etc/http is empty.
You have the correct procedure but it's incomplete.
After the installation you have to enable SSL in httpd.conf. and generate server.crt and server.key file.
Below the complete procedure :
1. Download Apache
cd /usr/src
wget http://www.apache.org/dist/httpd/httpd-2.4.23.tar.gz
tar xvf httpd-2.4.23.tar.gz
2. Download APR and APR-Util
cd /usr/src
wget -c http://mirror.cogentco.com/pub/apache/apr/apr-1.5.2.tar.gz
wget -c http://mirror.cogentco.com/pub/apache/apr/apr-util-1.5.4.tar.gz
tar xvf apr-1.5.2.tar.gz
tar xvf apr-util-1.5.4.tar.gz
Now put the APR and APR-Util you downloaded into your apache source files.
mv apr-1.5.2 /usr/src/httpd-2.4.23/srclib/apr
mv apr-util-1.5.4 /usr/src/httpd-2.4.23/srclib/apr-util
3.Compile
cd /usr/src/httpd-2.4.23
./configure --enable-so --enable-ssl --with-mpm=prefork --with-included-apr --with-included-apr-util
make
make install
As you can see in the ./configure command we specify command line options to include apr and apr-utils.
4. Enable SSL in httpd.conf
Apache configuration file httpd.conf is located under /usr/local/apache2/conf.
nano /usr/local/apache2/conf/httpd.conf
Uncomment the httpd-ssl.conf Include line and the LoadModule ssl_module line in the /usr/local/apache2/conf/httpd.conf file :
# LoadModule ssl_module modules/mod_ssl.so
# Include conf/extra/httpd-ssl.conf
View the httpd-ssl.conf to review all the default SSL configurations. For most cases, you don’t need to modify anything in this file.
nano /usr/local/apache2/conf/extra/httpd-ssl.conf
The SSL certificate and key are required before we start the Apache. The server.crt and server.key file mentioned in the httpd-ssl.conf needs to be created before we move forward.
cd /usr/local/apache2/conf/extra
egrep 'server.crt|server.key' httpd-ssl.conf
SSLCertificateFile "/usr/local/apache2/conf/server.crt"
SSLCertificateKeyFile "/usr/local/apache2/conf/server.key"
5. Generate server.crt and server.key file
First, Generate the server.key using openssl.
cd /usr/src
openssl genrsa -des3 -out server.key 1024
The above command will ask for the password. Make sure to remember this password. You need this while starting your Apache later.
Next, generate a certificate request file (server.csr) using the above server.key file.
openssl req -new -key server.key -out server.csr
Finally, generate a self signed ssl certificate (server.crt) using the above server.key and server.csr file.
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Copy the server.key and server.crt file to appropriate Apache configuration directory location.
cp server.key /usr/local/apache2/conf/
cp server.crt /usr/local/apache2/conf/
6. Start Apache
/usr/local/apache2/bin/apachectl start
If you are getting the below error message :
AH00526: Syntax error on line 51 of /usr/local/apache2/conf/extra/httpd-ssl.conf:
Invalid command 'SSLCipherSuite', perhaps misspelled or defined by a module not included in the server configuration
Make sure to uncomment the line shown below in httpd.conf :
vi /usr/local/apache2/conf/httpd.conf
# LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
Finally, this will prompt you to enter the password for your private key before starting up the apache.
Verify that the Apache httpd process is running in the background.
ps -ef | grep http
You should see something like that :
root 29529 1 0 13:08 ? 00:00:00 /usr/local/apache2/bin/httpd -k start
antoine 29530 29529 0 13:08 ? 00:00:00 /usr/local/apache2/bin/httpd -k start
antoine 29531 29529 0 13:08 ? 00:00:00 /usr/local/apache2/bin/httpd -k start
antoine 29532 29529 0 13:08 ? 00:00:00 /usr/local/apache2/bin/httpd -k start
root 29616 18260 0 13:09 pts/0 00:00:00 grep http
By default Apache SSL runs on 443 port. Open a web browser and verify that you can access your Apache using https://{your-ip-address}
I hope this help, else I advise you to go see : http://jasonpowell42.wordpress.com/2013/04/05/install-apache-2-4-4-on-centos-6-4/
baprutil-1.la /usr/src/httpd-2.4.27/srclib/apr/libapr-1.la -lrt -lcrypt -lpthread -ldl -lcrypt
/usr/src/httpd-2.4.27/srclib/apr-util/.libs/libaprutil-1.so: undefined reference to `XML_GetErrorCode'
/usr/src/httpd-2.4.27/srclib/apr-util/.libs/libaprutil-1.so: undefined reference to `XML_SetEntityDeclHandler'
/usr/src/httpd-2.4.27/srclib/apr-util/.libs/libaprutil-1.so: undefined reference to `XML_ParserCreate'
/usr/src/httpd-2.4.27/srclib/apr-util/.libs/libaprutil-1.so: undefined reference to `XML_SetCharacterDataHandler'
/usr/src/httpd-2.4.27/srclib/apr-util/.libs/libaprutil-1.so: undefined reference to `XML_ParserFree'
/usr/src/httpd-2.4.27/srclib/apr-util/.libs/libaprutil-1.so: undefined reference to `XML_SetUserData'
/usr/src/httpd-2.4.27/srclib/apr-util/.libs/libaprutil-1.so: undefined reference to `XML_StopParser'
/usr/src/httpd-2.4.27/srclib/apr-util/.libs/libaprutil-1.so: undefined reference to `XML_Parse'
/usr/src/httpd-2.4.27/srclib/apr-util/.libs/libaprutil-1.so: undefined reference to `XML_ErrorString'
/usr/src/httpd-2.4.27/srclib/apr-util/.libs/libaprutil-1.so: undefined reference to `XML_SetElementHandler'
collect2: error: ld returned 1 exit status
make[2]: *** [htpasswd] Error 1
make[2]: Leaving directory `/usr/src/httpd-2.4.27/support'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/usr/src/httpd-2.4.27/support'
make: *** [all-recursive] Error 1
This error is received in make step if --with-included-apr-util is not specified in ./configure
Related
I have first created a user for mosquitto:
sudo adduser --system -no-create-home mosquitto
Then I installed some dependencies:
sudo apt-get install libc-ares-dev libcurl4-openssl-dev libmysqlclient-dev
Then I installed mosquitto:
wget http://mosquitto.org/files/source/mosquitto-1.3.5.tar.gz //download mosquitto-1.3.5
tar xvzf mosquitto-1.3.5.tar.gz //unzip tar file
Then cd mosquitto-1.3.5
Then I put config.mk in edit mode using
sudo nano config.mk
Then I searched for SRV by pressing Ctrl + W
Changed With_SRV:=no
Ctrl + O followed by Enter to save
Ctrl + X to exit out of file
Now I need to install Openssl to build mosquitto.
So I installed Openssl using this command:
wget http://www.openssl.org/source/openssl-1.0.0c.tar.gz
Download md5 file to generate md5 code
wget http://www.openssl.org/source/openssl-1.0.0c.tar.gz.md5
Generate md5sum
md5sum openssl-1.0.0c.tar.gz
Generate md5 code
cat openssl-1.0.0c.tar.gz.md5
if both code matches than we have downloaded the file completely
unzip the tar file
tar -xvzf openssl-1.1.0c.tar.gz 54. cd openssl-1.1.0c
Configure the openssl before compiling it
./config --prefix=/usr/local/openssl --openssldir=/usr/local/openssl
Compile openssl
make
Install Openssl
sudo make install
The above line gives error, so the below line of code:
sudo make install_sw
Verify if openssl was installed successfully
/usr/local/openssl/bin/openssl version //get the version number of openssl
Come out of the directory and go to the directory of mosquitto:
cd
cd mosquitto-1.3.5
Install another dependency of mosquitto
sudo apt-get install libssl-dev
Compile Mosquitto
sudo make
Install Mosquitto:
sudo make install
download mosquitto auth plugin from github
git clone https://github.com/jpmens/mosquitto-auth-plug.git
Download hiredis
git clone https://github.com/redis/hiredis.git
Go to hiredis directory and compile it and install it
cd hiredis
make
sudo make install
Go to mosquitto auth plugin directory
cd
cd mosquitto-1.3.5
cd mosquitto-auth-plug
Copy the contents of config.mk.in to config.mk
cp config.mk.in config.mk
Open config.mk in edit mode
sudo nano config.mk
Change these lines of code:
MOSQUITTO_SRC = /home/pi/mosquitto-1.3.5
OPENSSLDIR = /usr/local/openssl
Save the file and come out of it
Ctrl + O followed by Enter then
Ctrl + X to exit
Then I try to compile mosquitto-auth-plug:
make
At this time I get this error:
Selected backends: MySQL
Using mosquitto source dir: /home/pi/mosquitto-1.3.5
OpenSSL install dir: /usr/local/openssl
If you changed the backend selection, you might need to 'make clean' first
CFLAGS: -I/home/pi/mosquitto-1.3.5/src/ -I/home/pi/mosquitto-1.3.5/lib/ -fPIC -Wall -Werror -DBE_MYSQL -I/usr/include/mysql -DBIG_JOINS=1 -fno-strict-aliasing -g -DNDEBUG -I/src -DDEBUG=1 -I/usr/local/openssl/include
LDFLAGS: -L/home/pi/mosquitto-1.3.5/lib/
LDADD: -L/usr/lib/arm-linux-gnueabihf -lmysqlclient -lpthread -lz -lm -ldl -L/usr/local/openssl/lib -lcrypto -lmosquitto
cc -I/home/pi/mosquitto-1.3.5/src/ -I/home/pi/mosquitto-1.3.5/lib/ -fPIC -Wall -Werror -DBE_MYSQL `mysql_config --cflags` -I/src -DDEBUG=1 -I/usr/local/openssl/include -c -o cache.o cache.c
cache.c: In function ‘sha_hash’:
cache.c:48:3: error: implicit declaration of function ‘EVP_MD_CTX_new’ [-Werror=implicit-function-declaration]
EVP_MD_CTX *mdctx = EVP_MD_CTX_new();
^
cache.c:48:23: error: initialization makes pointer from integer without a cast [-Werror]
EVP_MD_CTX *mdctx = EVP_MD_CTX_new();
^
cache.c:53:3: error: implicit declaration of function ‘EVP_MD_CTX_free’ [-Werror=implicit-function-declaration]
EVP_MD_CTX_free(mdctx);
^
cc1: all warnings being treated as errors
<builtin>: recipe for target 'cache.o' failed
make: *** [cache.o] Error 1
So, I removed openssl-1.0.0c and installed openssl-1.1.0c version
Then compiling of mosquitto-auth-plug is done successfully
Then move the files as follows:
sudo mv auth-plug.so /etc/mosquitto
sudo mv /etc/mosquitto/mosquitto.conf.example /etc/mosquitto/mosquitto.conf
edit mosquitto .conf file
sudo nano /etc/mosquitto/mosquitto.conf
Press Ctrl + W to search
search for auth_plugin and write below mentioned commands after the second occurance of auth_plugin
auth_plugin /etc/mosquitto/auth-plug.so
auth_opt_backends mysql
auth_opt_redis_host localhost
auth_opt_redis_port 12885
auth_opt_host localhost
auth_opt_port 3306
auth_opt_dbname HAC
auth_opt_user mqtt_user
auth_opt_pass ###YOUR_PASSWORD###
auth_opt_userquery SELECT pw FROM mqtt_users WHERE username = '%s'
auth_opt_superquery SELECT COUNT(*) FROM mqtt_users WHERE username = '%s' AND super = 1
auth_opt_aclquery SELECT topic FROM mqtt_acls WHERE (username = '%s') AND (rw >= %d)
auth_opt_anonusername AnonymouS
Then save the file by presssing Ctrl + O and then Enter
To exit out of the file press Ctrl + X
Then when I run this command:
/usr/local/sbin/mosquitto -c /etc/mosquitto/mosquitto.conf
I get the following error:
1486888881: mosquitto version 1.3.5 (build date 2017-02-11 22:22:57+0000) starting
1486888881: Config loaded from /etc/mosquitto/mosquitto.conf.
1486888881: Error: Unable to load auth plugin "/etc/mosquitto/auth-plug.so".
Can anybody help me please?
I have already wasted 4 days in searching a solution of this error.
Update:
I have uninstalled mosquitto and installed its latest version. Still getting the same error but its more descriptive this time. Now it says:
mosquitto version 1.4.10 (build date 2017-02-13 22:22:57+0000) starting
Config loaded from /etc/mosquitto/mosquitto.conf.
Error: Unable to load auth plugin "/etc/mosquitto/auth-plug.so".
Load Error: /etc/mosquitto/auth-plug.so: Undefined Symbol: EVP_MD_CTX_reset
I've installed CouchDB on the mac via Homebrew (yay homebrew!):
brew install couchdb
Then I've done a bunch of SSL setup steps (in a shell script) that are detailed in the official documentation: http://docs.couchdb.org/en/1.6.1/config/http.html -
#!/bin/sh
currDir=$(pwd)
mkdir couch_certs
cd couch_certs
openssl genrsa > privkey.pem
openssl req -new -x509 -key privkey.pem -out couchdb.pem -days 1095
chmod 600 privkey.pem couchdb.pem
perl -p -i -e "s#\[daemons\]#[daemons]\nhttpsd = {couch_httpd, start_link, [https]}#" /usr/local/etc/couchdb/default.ini
perl -p -i -e "s#\[ssl\]#[ssl]\ncert_file = ${currDir}/couchdb.pem#" /usr/local/etc/couchdb/default.ini
perl -p -i -e "s#\[ssl\]#[ssl]\nkey_file = ${currDir}/privkey.pem#" /usr/local/etc/couchdb/default.ini
Then (same terminal), I launch couch:
couchdb
In a different terminal I test that:
curl -k https://127.0.0.1:6984/
And get a failure:
curl: (35) Server aborted the SSL handshake
What am I doing wrong?
Note I can get the same error when doing the CouchDB install as an application (section 2.3.1 of http://docs.couchdb.org/en/stable/install/mac.html)
Edit: I think it is an Erlang SSL issue: http://bugs.erlang.org/browse/ERL-74
My root cause was an older version of openssl (the one that came with OS X 10.10.5). After a homebrew install of openssl, and the same key-gen sequence, it all works.
I trying to use the new haproxy with ssl(1.5-dev12). But I have an error with this new feature.
I've installed with:
make TARGET=linux2632 USE_OPENSSL=yes
make PREFIX=/opt/haproxy-ssl install
But when I check my config file, I've this error:
[ALERT] 275/135959 (10998) : parsing [/opt/haproxy-ssl/haproxy.conf:31] : 'bind' : 'ssl' option not implemented.
[ALERT] 275/135959 (10998) : parsing [/opt/haproxy-ssl/haproxy.conf:69] : 'server' expects and [:] as arguments.
[ALERT] 275/135959 (10998) : Error(s) found in configuration file : /opt/haproxy-ssl/haproxy.conf
[WARNING] 275/135959 (10998) : Proxy 'ha_stats': in multi-process mode, stats will be limited to process assigned to the current request.
[WARNING] 275/135959 (10998) : stats socket will not work correctly in multi-process mode (nbproc > 1).
[ALERT] 275/135959 (10998) : Fatal errors found in configuration.
And the haproxy -vv command return:
HA-Proxy version 1.5-dev12 2012/09/10
Built without OpenSSL support (USE_OPENSSL not set)
I don't understand why openssl is not set though I haven't any error during installation.
OS: Debian 2.6.32-5-xen-amd64
OPENSSL: OpenSSL 0.9.8o 01 Jun 2010
Do you have an idea?
Thanks
UPDATE:
Solved with the install of:
libssl-dev
And then, new make target, new prefix and its works.
Install libssl-dev before execute the make command and haproxy with ssl should be works.
You can install latest OpenSSL in both Centos and Ubuntu.
RHEL :
yum install -y make GCC Perl pcre-devel zlib-devel
Ubuntu :
apt-get install build-essential make g++ libssl-dev
Now,
# wget -O /tmp/openssl.tgz https://www.openssl.org/source/openssl-1.0.2-latest.tar.gz
# tar -zxf /tmp/openssl.tgz -C /tmp
# cd /tmp/openssl-*
# ./config --prefix=/usr --openssldir=/etc/ssl --libdir=lib no-shared zlib-dynamic
# make
# make install_sw
You can check that OpenSSL version by below command,
# openssl version
OpenSSL 1.0.2j 26 Sep 2016
I am trying to install Apache HTTP server locally in my box as a regular user (non-root).
I have downloaded Apache 2.4.1 version of Apache HTTP server [http://httpd.apache.org/download.cgi]. However when I am trying to build and install locally in my box I am getting below error:
httpd/httpd-2.4.1 1059> ./configure
checking for chosen layout... Apache
checking for working mkdir -p... yes
checking for grep that handles long lines and -e... /bin/grep
checking for egrep... /bin/grep -E
checking build system type... x86_64-unknown-linux-gnu
checking host system type... x86_64-unknown-linux-gnu
checking target system type... x86_64-unknown-linux-gnu
Configuring Apache Portable Runtime library ...
checking for APR... no
configure: error: APR not found. Please read the documentation.
I am not sure what dependency it is looking for - I mean the download package does not contains it? What I need to do to build / deploy Apache HTTP server?
When it tells you Please read documentation it means that you should go read Apache documentation ( http://httpd.apache.org/docs/2.4/install.html ) which tells you to
download the latest versions of both APR and APR-Util from Apache APR,
unpack them into ./srclib/apr and ./srclib/apr-util (be sure the
domain names do not have version numbers; for example, the APR
distribution must be under ./srclib/apr/)
then do
./configure --with-included-apr
For Ubuntu 11.10 this option seems to be working well:
# APR
wget http://mirrors.axint.net/apache//apr/apr-1.4.6.tar.gz
tar -xvzf apr-1.4.6.tar.gz
cd apr-1.4.6/
./configure
make
make install
cd ..
# APR Utils
wget http://mirrors.axint.net/apache//apr/apr-util-1.4.1.tar.gz
tar -xvzf apr-util-1.4.1.tar.gz
cd apr-util-1.4.1
./configure --with-apr=/usr/local/apr
make
make install
cd ..
# Apache
wget http://apache.petsads.us//httpd/httpd-2.4.1.tar.gz
tar -xvzf httpd-2.4.1.tar.gz
cd httpd-2.4.1
./configure --enable-file-cache --enable-cache --enable-disk-cache --enable-mem-cache --enable-deflate --enable-expires --enable-headers --enable-usertrack --enable-ssl --enable-cgi --enable-vhost-alias --enable-rewrite --enable-so --with-apr=/usr/local/apr/
make
make install
cd ..
You can find more about it below
Source: VaporCreations.com
If you have Debian/Ubuntu you can just:
apt-get install libapr1-dev libaprutil1-dev
Then ./configure
Done
Here are the steps of how I installed apache-httpd on a non-root users:
Download and extract apache-httpd-2.4.2 (but before ./configuring,
making and installing it, follow the steps below:)
Download and extract APR & APR-UTIL into "./srclib/apr" &
"./srclib/apr-util" folders. This requires ./configure
--with-apr=./apache/httpd-2.4.2/srclib/apr (and) --with-included-apr (options).
Download, extract, ./configure (with) --prefix=localURL, make and
make install PCRE into "./pcre" folder. This requires ./configure
--with-pcre=/home/username/apache/pcre (option).
Configure apache-httpd by entring following command (I like to
enable certain options as written in the command below):
./configure --enable-file-cache --enable-cache --enable-disk-cache
--enable-mem-cache --enable-deflate --enable-expires --enable-headers --enable-usertrack --enable-cgi --enable-vhost-alias --enable-rewrite --enable-so --with-apr=/home/username/apache/httpd-2.4.2/srclib/apr --prefix=/home/username/apache/httpd-2.4.2/ --with-included-apr --with-pcre=/home/username/apache/pcre
Note: When configuring apache-httpd, use option "--enable-ssl" ONLY if OpenSSL is installed otherwise DON'T enable it.
Now on the command-line, enter 'make' and 'make install' command.
Open and configure the 'httpd.conf' file e.g.:
"vi /home/eddie_kumar/apache/httpd-2.4.2/conf/httpd.conf"
IMPORTANT: don't forget to change the default port from 80 to something else e.g. 8080, this is especially important for non-root
user. (How to? open httpd.conf -> search "Listen 80" -> change it
to "Listen 8080".
And that's it, now open your browser enter "localhost:8080", it should display "It works!".
If you are using fedora, you can use yum to install APR, APR-Util and PCRE. You'll also need to download apr-devel, apr-util-devel and pcre-devel.
That being said, you can just run the following command on your terminal and no more "configure: error: APR not found.. ..APR-Util and PCRE" errors.
yum -y install arp apr-devel apr-util apr-util-devel pcre pcre-devel
I'm using fedora 17 and planning on using a shell script to setup apache 2.4.3. So yum works pretty slick instead of manually downloading apr, apr-util, and pcre.
1, You need APR (apache portable runtime), which is core component of apache web server
2, If you wnat to do make install, you may need root account
3, Even if not, apache can not start to listen on unprivileged port (lower then 1024) without root account
4, gain root or ask someone with root to install apache from official repo(I don;t know which distro you run) like using yum, apt-get, etc...
Apr or pcre related errors require the source to be downloaded and Apache HTTPD "configure" process needs to be made aware of these source locations on your file system. For instance: if you downloaded the source for APR at ./srclib (relative to apache httpd) then you would use
--with-included-apr
as the configure option.
On the other hand if you want to not build but install APR / APR-UTIL, then you need the following on CentOS / RedHat:
yum install apr-util-devel apr-devel
However it might so happen that the APR version provided by yum does not match what is expected by this version of Apache httpd. In that case you could download APR and APR-UTIL and use the --with-included-apr option.
You could also build PCRE utilizing the same "configure, make, make install" process and then continue where you left off building Apache httpd.
Or you could install pcre:
yum install pcre-devel
If while building PCRE: you see "compile: unrecognized option" then perhaps you would need other dependencies as well: Please see the details at:
http://khanna111.com/wordPressBlog/2012/09/11/94087-2/
It also covers "mod_deflate" and "zlib" as well.
Basic steps
tar -xvf httpd-2.4.1-customized.tar -C ../
#Balancer folder will be created
tar -xvzf openssl-1.0.1.tar.gz -C /balancer/
cd ->/balancer/openssl-1.0.1
./config --prefix=/usr/local/ssl/ shared zlib-dynamic enable-camellia
make depend
make
make install
tar -xvzf pcre-8.30.tar.gz -C ../balancer/
/balancer/pcre-8.30
./configure --prefix=/usr/local/pcre/
make
make install
remove pcre and openssl
Installing and compiling the Apache server on Ubuntu machine
step 1:Install the Java JDK
sudo apt install openjdk-11-jdk
sudo gedit /etc/environment
JAVA_HOME="/usr/lib/jvm/openjdk-11"
source /etc/environment
echo $JAVA_HOME
verify the java version
javac --version
**** install Other required packages:**
sudo apt-get install apache2-dev -y
sudo apt-get install libpcre3 libpcre3-dev
Step 2 :To Install Apache HTTP Server
#1 For ubuntu ,install development tools including the C compiler:
sudo apt-get install build-essential checkinstall
#2 Download and Extract the required files
assuming that all the files have been downloaded into the ~/Downloads directory
Download the Apache HTTP Server httpd-2.4.41.tar.gz from Apache download page (https://httpd.apache.org/download.cgi)
and following required libraries for compiling the apache HTTP server:
apr-1.7.0.tar.gz(http://apr.apache.org/download.cgi)
apr-util-1.6.1.tar.gz(http://apr.apache.org/download.cgi)
pcre2-10.34.tar.gz (ftp://ftp.pcre.org/pub/pcre/) http://pcre.org/
****Read Requirements Section(http://httpd.apache.org/docs/2.4/install.html)***
#3 Extract the tar files
tar -xvf httpd-2.4.41.tar.gz
tar -xvf apr-1.7.0.tar.gz
tar -xvf apr-util-1.6.1.tar.gz
tar -xvf pcre2-10.34.tar.gz
after extraction you should see following list of directories in ~/Downloads
httpd-2.4.41
apr-1.7.0
apr-util-1.6.1
pcre2-10.34
#4 Create a directory for the apache HTTP Server
*make sure to give all rights to this directory so that while compiling files can be read/written
sudo mkdir /home{your username here}/apache
To give all permissions to a apache directory :
sudo chmod -R 777 /home{your username here}/apache
#5 copy the arp and arp-util directory into the ~/Downloads/httpd-2.4.41/srclib/
cd ~/Downloads
mv apr-util-1.6.1 ~/Downloads/httpd-2.4.41/srclib/apr-util
mv apr-1.7.0 ~/Downloads/httpd-2.4.41/srclib/apr
#6 Configure the sources for compilation.
The --prefix option can be used to install the Web server in a location where you can write files.
cd ~/Downloads/httpd-2.4.41/
./configure --prefix=/home/{username here}/apache --with-pcre=~/Downloads/pcre2-10.34
NOTE:
If you have some problems while running above command,you can also try
insallting pcre in /usr/local/pcre, using
./configure --prefix=/usr/local/pcre
make
sudo make install
commands and then by running folllowing commands:
cd ~/Downloads/httpd-2.4.41/
./configure --prefix=/home/{username here}/apache --with-pcre=/usr/local/pcre
make
sudo make install
If you still face some problems ,make sure that ~/apache and its nested directory have read/write permissions. if not run **sudo chmod -R 777 /home{your username here}/apache** command again.
#7 Compile Apache HTTP Server.
cd ~/Downloads/httpd-2.2.25
sudo make
#8 Install Apache HTTP Server.
cd ~/Downloads/httpd-2.2.25
sudo make install
Optional
#9 To Prepare Your Hosts File
sudo gedit /etc/hosts
27.0.0.1 localhost www.example.com
sudo gedit /home/{your username here}/apache/conf/httpd.conf
and copy:
Listen 8000
ServerName www.example.com:8000
#10 Test the installation to ensure Apache HTTP Server is working.
/home/{your username here}//apache/bin/apachectl -k start
Does anyone know the command to determine if OpenSSL and mod_ssl are installed on Apache2?
If you have PHP installed on your server, you can create a php file, let's called it phpinfo.php and add this <?php echo phpinfo();?>, and open the file in your browser, this shows information about your system environment, to quickly find info about your Apache loaded modules, locate 'Loaded Modules' on the resulting page.
If you have PHP installed on your server, you can chek it in runtime using "extension_loaded" funciontion. Just like this:
<?php
if (!extension_loaded('openssl')) {
// no openssl extension loaded.
}
?>
Usually, when you compile your apache2 server (or install it by packages facility stuff), you can check any directive that're available to be used by tapping this command:
~# $(which httpd) -L | grep SSL # on RHEL/CentOS/Fedora
~# $(which apache2) -L | grep SSL # on Ubuntu/Debian
~# $(which httpd2) -L | grep SSL # on SUSE
If you don't see any SSL* directive, it means that you don't have apache2 with mod_ssl compiled.
The default Apache install is configured to send this information on the Server header line. You can view this for any server using the curl command.
$ curl --head http://localhost/
HTTP/1.1 200 OK
Date: Fri, 04 Sep 2009 08:14:03 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8a DAV/2 PHP/5.2.6 SVN/1.5.4 proxy_html/3.0.0
Use the following commands.
$ openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013 (or similar output)
For RHEL/CentOS/Fedora:
$ httpd -t -D DUMP_MODULES | grep ssl
ssl_module (shared)
For Ubuntu/Debian
$ apache2 -t -D DUMP_MODULES | grep ssl
ssl_module (shared)
For SUSE
$ httpd2 -t -D DUMP_MODULES 2>&1 | grep ssl
ssl_module (shared)
Using Apache 2, you can see what modules are currently loaded by the HTTP daemon by running the following command:
apache2ctl -M
The -M option is really just a parameter passed to httpd.
apache2ctl is a front end to the Apache HyperText Transfer Protocol
(HTTP) server. It is
designed to help the administrator control the functioning of the Apache apache2 daemon.
NOTE: The default Debian configuration requires the environment variables APACHE_RUN_USER,
APACHE_RUN_GROUP, and APACHE_PID_FILE to be set in /etc/apache2/envvars.
The apache2ctl script returns a 0 exit value on success, and >0 if an error occurs. For
more details, view the comments in the script.
Fortunately, Most flavors of Linux have OpenSSL "out of the box".
To verify installation:
openssl version
Response:
OpenSSL 1.0.1t 3 May 2016
Note: version OpenSSL 1.0.1 through 1.0.1f (inclusive)
are vulnerable to the OpenSSL Heartbleed Bug.
Versions 1.0.1g and greater are fixed.
For additional install info:
Ubuntu/Debian
dpkg -l | grep -i openssl
Response:
ii libcrypt-openssl-random-perl 0.04-2+b1 amd64 module to access the OpenSSL pseudo-random number generator
ii libcurl3:amd64 7.38.0-4+deb8u5 amd64 easy-to-use client-side URL transfer library (OpenSSL flavour)
ii libgnutls-openssl27:amd64 3.3.8-6+deb8u4 amd64 GNU TLS library - OpenSSL wrapper
ii openssl 1.0.1t-1+deb8u6 amd64 Secure Sockets Layer toolkit - cryptographic utility
ii python-ndg-httpsclient 0.3.2-1 all enhanced HTTPS support for httplib and urllib2 using PyOpenSSL
ii python-openssl 0.14-1 all Python 2 wrapper around the OpenSSL library
ii ssl-cert 1.0.35 all simple debconf wrapper for OpenSSL
Yea, OpenSSL is installed!
To install OpenSSL if you don't have it, try:
Debian/Ubuntu:
sudo apt-get install openssl
RedHat/CentOS:
yum install openssl
To determine openssl & ssl_module
# rpm -qa | grep openssl
openssl-libs-1.0.1e-42.el7.9.x86_64
openssl-1.0.1e-42.el7.9.x86_64
openssl098e-0.9.8e-29.el7.centos.2.x86_64
openssl-devel-1.0.1e-42.el7.9.x86_64
mod_ssl
# httpd -M | grep ssl
or
# rpm -qa | grep ssl
You should install this Apache mod, http://httpd.apache.org/docs/2.0/mod/mod_info.html, it basically gives you a run down of the mods you're using and the Apache settings.
I have this enabled on my Apache and it gives me this info for my website,
Server Version: Apache/2.2.3 (Debian) mod_jk/1.2.18 PHP/5.2.0-8+etch13 mod_ssl/2.2.3 OpenSSL/0.9.8c mod_perl/2.0.2 Perl/v5.8.8
If you just run openssl in your terminal it should present the openSSL shell. My first clue to knowing that I didn't have mode_ssl was when I got the following error after adding SSLEngine on in my virtualhost file:
Invalid command 'SSLEngine', perhaps misspelled or defined by a module not included in the server configuration
In centos I just had to install it via yum install mod_ssl
Just look in the ssl_engine.log in your Apache log directory where you should find something like:
[ssl:info] [pid 5963:tid 139718276048640] AH01876: mod_ssl/2.4.9 compiled against Server: Apache/2.4.9, Library: OpenSSL/1.0.1h
Create a test.php file with the following code in a www folder:
<?php echo phpinfo();?>
When you navigate to that page/URL in the browser. You will see something similar if you have openssl enabled:
Enable mod_ssl in httpd.conf and restart the apache. You will see the openssl information in error.log as below
[Fri Mar 23 15:13:38.448268 2018] [mpm_worker:notice] [pid 8891:tid 1] AH00292: Apache/2.4.29 (Unix) OpenSSL/1.0.2n configured -- resuming normal operations
[Fri Mar 23 15:13:38.448502 2018] [core:notice] [pid 8891:tid 1] AH00094: Command line: '/opt/apps/apache64/2.4.29/bin/httpd'
to verify in php command lie
$php -i | grep openssl
In my case this is how I got the information:
find where apache logs are located, and go there, in my case:
cd /var/log/apache2
find in which log openssl information can be found:
grep -i apache.*openssl *_log
e.g. error_log ...
to get fresh information, restart apache, e.g.
rcapache2 restart # or service apache2 restart
check for last entries in the log, e.g.
/var/log/apache2 # tail error_log
[Thu Jun 09 07:42:24 2016] [notice] Apache/... (Linux/...) mod_ssl/2.2.22 OpenSSL/1.0.1t ...
To find the ssl version
Go to Apache bin folder in command prompt
Enter these commands "openssl version"