LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   Downgrade apache 2 to 1.3 ssl problems... (https://www.linuxquestions.org/questions/linux-software-2/downgrade-apache-2-to-1-3-ssl-problems-126025/)

jimieee 12-15-2003 09:25 AM

Downgrade apache 2 to 1.3 ssl problems...
 
Hi I'm downgrading apache 2 on my Redhat 9 server because I want to use a cms that doesn't support apache 2 yet (2 causes problems with workflows and general admin functions).

My problem is that once I've made and installed apache I can't start it with ssl support:

# /usr/sbin/apachectl startssl
Syntax error on line 1070 of /etc/httpd/conf/httpd.conf:
Invalid command 'SSLEngine', perhaps mis-spelled or defined by a module not included in the server configuration
/usr/sbin/apachectl startssl: httpd could not be started

At first I thought it was maybe something to do with SSLEngine being an apache 2 only command, Is this the case? The reason why I'm not so sure it because httpd.conf (appears) to be a brand-new config file, generated by the make; make install process.

This is how I've gone about it so far:

# apt-get remove httpd

(this removed httpd mod_auth_mysql mod_auth_pgsql mod_perl mod_python mod_ssl php php-imap php-ldap php-manual php-mysql php-odbc php-pgsql packages)

I didn't want to remove open-ssl or mysql because it seemed unnecessary and, as I'm sure you can probably imagine, I have quite a few other programs that depend on open-ssl in a system I also use as a workstation!

Then download and configure mod_ssl with

./configure --with-apache=../apache_1.3.29/ (where my unpacked apache sources are) --with-ssl --enable-shared=ssl

Then download and configure apache like so:

./configure --with-layout=config.layout:RedHat --enable-module=ssl --enable-shared=ssl --enable-module=rewrite --enable-shared=rewrite --enable-module=so

Then make; make install in the apache sources directory

I haven't gotten around to sorting out php yet, I thought I'd do one thing at a time - is this a good approach? I think the problem is most likely because apache doesn't know where/how to use ssl, does this sound about right?

Thanks in advance,

~James~

UPDATE: I tried playing with the apache configuration and found that setting SSL_BASE to SSL_BASE=/usr will work in the configure script, only when I add AddModule mod_ssl.c

# /usr/sbin/apachectl startssl
Syntax error on line 232 of /etc/httpd/conf/httpd.conf:
Cannot add module via name 'mod_ssl.c': not in list of loaded modules
/usr/sbin/apachectl startssl: httpd could not be started

jimieee 12-19-2003 04:09 AM

By the way, I found what I was doing wrong in an article (http://blogs.law.harvard.edu/rlucas/2003/08/18).

Incase anyone's interested: Apparently there are some issues with the way Redhat installs kerberos part of openssl, all you have to do to fix it is so put

if pkg-config openssl; then
CFLAGS="$CFLAGS `pkg-config --cflags openssl`"
LDFLAGS="$LDFLAGS `pkg-config --libs-only-L openssl`"
fi

in the ./configure for Apache.

~James~


All times are GMT -5. The time now is 12:04 PM.