Installing Apache under RHEL 6.1, September 2012.
See also Installing Apache under Solaris below.
Update the system: yum update
.
Reboot.
webuser
instead of
as user apache
. See
FAQ/ Web/ Creating An EECS Homepage.
See What do I change after changing the uid or gid?
This means that httpd.conf
should have
User webuser Group webuserResources:
yum install httpd httpd-devel /etc/init.d/httpd start
yum install php php-mysql php-common php-gd php-mbstring php-mcrypt php-devel php-xml /etc/init.d/httpd restartSome of these packages (php-mycrypt, php-devel, php-xml) were not available for me.
See Upgrading PhPMySQL.
Note that Solaris 10 usually has OpenSSL installed in
/usr/sfw
. We install our own version so that
we can better manage it. This might be a mistake.
We use shared
so that we can create
shared libraries for use by other packages.
Download the most recent version from
http://www.openssl.org
.
Note: do not run openssl's config as root.
If you do, then /dev/null
will be removed.
% cd /home/tools/openssl-1.0.0e % ./config \ --prefix=/usr/local/openssl-1.0.0e \ --openssldir=/usr/local/openssl-1.0.0e \ -fPIC shared % gmake >& make.out & % tail -f make.out ^C % make test (As root): $ gmake install >& install.out & $ tail -f install.out ^C $ cd /usr/local $ rm ssl $ ln -s openssl-1.0.0e ssl
Note: make sure that the Amanda backup system still works
ldd /usr/local/amanda/libexec/amanda/amandadshould find libssl.so. If it does not work, then make links.
root@andrews:/usr/local# ldd /usr/local/amanda/libexec/amanda/amandad ... libssl.so.0.9.8 => (file not found) libcrypto.so.0.9.8 => (file not found) ... root@andrews:/usr/local# cd /usr/local/lib root@andrews:/usr/local/lib# ls -l libssl* -rwxr-xr-x 1 root 1330380 Aug 16 2007 libssl.so.0.9.7 lrwxrwxrwx 1 root 26 Jun 22 2009 libssl.so.0.9.8 -> ../ssl/lib/libssl.so.0.9.8 root@andrews:/usr/local/lib# rm libssl.so.0.9.8 root@andrews:/usr/local/lib# ln -s ../openssl-0.9.8i/lib/libssl.so.0.9.8 . root@andrews:/usr/local/lib# ls -l libcrypto* -rwxr-xr-x 1 root 1441912 Aug 16 2007 libcrypto.so.0.9.7 lrwxrwxrwx 1 root 29 Jun 22 2009 libcrypto.so.0.9.8 -> ../ssl/lib/libcrypto.so.0.9.8 root@andrews:/usr/local/lib# rm libcrypto.so.0.9.8 root@andrews:/usr/local/lib# ln -s ../openssl-0.9.8i/lib/libcrypto.so.0.9.8 . root@andrews:/usr/local/lib# ldd /usr/local/amanda/libexec/amanda/amandad
cd /home/tools/cronolog-1.6.2 ./configure make make install
% cd /home/tools/httpd-2.2.20 % ./configure \ --prefix=/usr/local/apache-2.2.20 \ --datadir=/home/www \ --enable-so \ --enable-ssl \ --enable-rewrite \ --with-ssl=/usr/local/ssl \ --disable-ipv6 \ --with-included-apr
We use--disable-ipv6
to avoidNetwork is unreachable: connect to listener
in theerror_log
file.
We use--with-included-apr
to avoidchecking for APR-util... yes configure: error: Cannot use an exte al APR-util with the bundled APRSeehttp://issues.apache.org/bugzilla/show_bug.cgi?id=42089
% gmake >& make.out & % tail -f make.out ^C
Undefined first referenced symbol in file BIO_set_callback .libs/ab.o BIO_set_callback_arg .libs/ab.o BIO_get_callback_arg .libs/ab.o SSL_CTX_set_info_callback .libs/ab.oFix: Make sure that
/usr/local/openssl
points to the recently installed version of OpenSSL.
Undefined first referenced symbol in file find_if_index /export/home/tools/httpd-2.2.4/srclib/apr/.libs/libapr-1.so
http://issues.apache.org/bugzilla/show_bug.cgi?id=39199
Patch srclib/apr/network_io/unix/multicast.c
according to http://svn.apache.org/viewvc/apr/apr/trunk/network_io/unix/multicast.c?r1=493802&r2=493801&pathrev=493802
and rerun make
Undefined first referenced symbol in file ap_bucket_type_error modules/http/.libs/libmod_http.a(http_filters.o) ap_register_provider modules/aaa/.libs/libmod_authn_file.a(mod_authn_file.o) ap_bucket_error_create modules/http/.libs/libmod_http.a(http_filters.o) ap_lookup_provider modules/aaa/.libs/libmod_auth_basic.a(mod_auth_basic.o)I'm not sure about this one. I ended up copying the command that failed into a separate file and adding
-Lserver/.libs -lmain
.
Or, edit build/config_vars.mk
and add -Lserver/.libs -lmain
to
the AP_LIBS
line that has -lsocket
.
(cd /usr/local/apache-2.2.6/lib && { ln -s -f libaprutil-1.so.0.2. 11 libaprutil-1.so || { rm -f libaprutil-1.so && ln -s libaprutil- 1.so.0.2.11 libaprutil-1.so; }; }) Usage: ln [-f] [-s] f1 ln [-f] [-s] f1 f2 ln [-f] [-s] f1 ... fn d1so, under bash as root, I did
export PATH=/usr/bin:${PATH}so that I get the write version of
ln
Also, I got this:
Installing man pages and online manual ld.so.1: rsync: fatal: libpopt.so.0: open failed: No such file or directoryso I did this
export LD_LIBRARY_PATH=/usr/local/lib
$ make install >& install.out & $ tail -f install.out ^C
If this is not an upgrade installation, as root, make a new certificate See How do I self-sign a certficate? or copy the old certificates (and configuration files).
If apache is being upgraded, run:
$ cd /usr/local/apache-2.2.20/conf $ (cd ../../apache/conf; tar -cf - *.crt *.key) | tar -xpf - $ cp ../../apache/conf/tomcat-mod_jk.conf . $ cp ../../apache/conf/rewrite.conf . $ cp /usr/local/apache/modules/mod_jk.so ../modules/ $ cd /usr/localNote: We do not change the
/usr/local/apache
link until we are ready to
build MySQL or PhP. The MySQL and PhP configuration should be done with the version of
apache in place that will be used at run time.
Now configure httpd.conf, according to http://www.php.net/manual/en/install.apache.php, and the existing httpd.conf settings.
One way is to use diff between the old and the new:
diff ../../apache-2.2.17/conf/httpd.conf .
Another way is to make changes.
Changes made from the default: - LoadModule php4_module modules/libphp4.so No Longer Neccessary: - ExtendedStatus: uncommented, "On" - Port: 8080 -> 80 - User, Group: daemon -> apache, for both - ServerAdmin: you@example.com -> root@andrews.eecs.berkeley.edu No Longer Necessary: - Change "Listen" args from 8080 and 8443 to 80 and 443, respectively, in "<IfDefine SSL>" section. - UseCanonicalName: Off -> On - ServerName: comment out, move to <VirtualHost -> contexts - DocumentRoot: comment out, move to <VirtualHost> contexts - First <Directory> section /home/www/htdocs -> home/www/gsrcwww - Duplicate <Directory> section for - /home/www/chesswww, - /home/www/embeddedwww, - /home/www/php, - /home/www/bugzilla. Check the options against the previous-version http.conf. - Add "index.jsp and index.shtml arguments to "DirectoryIndex index.html" line: DirectoryIndex index.html index.jsp index.shtml - Exclude CVS directories >DirectoryMatch /CVS/< Order Deny,Allow Deny from All >/DirectoryMatch< - ErrorLog: Use cronolog, see prev. file - No longer necessary: - Comment out "/manual" alias and its <Directory> section - Comment out "ScriptAlias /cgi-bin/", move to <VirtualHosts> contexts - No longer necessar, we have no kiosk: - Add kiosk <Directory> section after '<Directory "/home/www/cgi-bin">' - Add 'Include "/usr/local/apache/conf/rewrite.conf"'. - Add "AddType" lines for .php, .php3, .phps, JNLP, .jnlp (to match previous ver) - Un-comment "AddHandler cgi-script .cgi" - On markov, add NameVirtualHost lines, with SSL port numbers. - Add a <VirtualHost> context for each virtual host: gigascale, chess, e3s-center, embedded and trust: <VirtualHost <IP_address>:80> ServerName: <website_name> DocumentRoot /home/www/[gsrc|chess|embedded]www TransferLog "|/usr/local/cronolog/sbin/cronolog -l /usr/local/apache/logs/access_log_<name> /usr/local/apache/logs/%Y/%m/%d/access_log_<name>" CustomLog "|/usr/local/cronolog/sbin/cronolog -l /usr/local/apache/logs/agent_log /usr/local/apache/logs/%Y/%m/%d/agent_log" agent Alias /pipermail/ "<mailman_home>/archives/public/" ScriptAlias /cgi-bin/ "/home/www/<name>www/cgi-bin/" ScriptAlias /mailman/ "<mailman_home>/cgi-bin/" # This can't just be included once at the top. It must be in each # <VirtualHost> context: Include "/usr/local/apache/conf/rewrite.conf" </VirtualHost>
Make the following changes to /usr/local/apache/conf/extra/httpd-ssl.conf
One was is to use diff:
diff /usr/local/apache-2.2.17/conf/extra/httpd-ssl.conf /usr/local/apache-2.2.20/conf/extra/httpd-ssl.conf
The otherway is to just edit the file.
This file used to be /usr/local/apache/ssl.conf
- On carson, add "Listen" lines for ports 4430 and 4431 for the testbed virtual hosts. - Add a <VirtualHost> section for each virtual host: <VirtualHost <IP_address>:<port>> ServerName <website_name> DocumentRoot /home/www/[gsrc|chess|embedded]www TransferLog "|/usr/local/cronolog/sbin/cronolog -l /usr/local/apache/logs/access_log_<name> /usr/local/apache/logs/%Y/%m/%d/access_log_<name>" CustomLog "|/usr/local/cronolog/sbin/cronolog -l /usr/local/apache/logs/agent_log /usr/local/apache/logs/%Y/%m/%d/agent_log" agent SSLEngine on SSLCertificateFile /usr/local/apache-2.0.54/conf/<name>-crt/server.crt SSLCertificateKeyFile /usr/local/apache-2.0.54/conf/<name>-crt/server.key <Files ~ ".(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars </Files> <Directory "/home/www/<name>www/cgi-bin"> SSLOptions +StdEnvVars </Directory> SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x "%r" %b" Include "/usr/local/apache/conf/rewrite.conf" </VirtualHost>
The easiest way to see what changes are necessary is to do a diff between the old httpd.conf
and
the new one. Pay particular attention to includes for
the vhosts and ssl files, usually extras/http-vhosts.conf
and extras/httpd-ssl.conf
.
The vhosts and ssl files will also need to be updated.
You will also need to update rewrite.conf
and files in /usr/local/apache/modules
and /usr/local/apache/libexec
.
Also, edit /usr/local/extras/httpd-mpm.conf
and change MaxRequestPerChild
from 0 to 10000. For details, see Server Crash: Not enough space: fork: Unable to fork new process
Download and unpack the 5.3.3 release from http://www.php.net
.
% cd /home/tools/php-5.3.3(INSTALL file here directs user to more up-to-date documentation at http://www.php.net/manual/en/install.apache.php. Proceeding according to that document.)
which awk; awk --version
. You should get
GNU awk:
bash-3.00$ which awk /usr/local/bin/awk bash-3.00$ awk --version GNU Awk 3.1.4 Copyright (C) 1989, 1991-2003 Free Software Foundation.If you don't use
gawk
, then make test
will fail with segfaults, see
http://bugs.php.net/bug.php?id=32850.
/bin
must come before /usr/ucb
on PATH, due to a bug in /usr/ucb/tr
.
/usr/sfw/bin
must be before
/usr/local/bin
because gmake tests
will fail with a segfault if PHP is compiled with
gcc-4.1.1. Instead, we use /usr/sfw/bin/gcc
,
which is gcc-3.4.3
/usr/local/lib/php
:
cp -r /usr/local/lib/php /usr/local/lib/php.old
http://www.sunfreeware.com
and check for
the latest versions./home/tools/downloads
pkginfo | grep pkgName pkgrm SMCpkgName pkgadd -d downloadedAndUnzippedFile
./configure
, make sure that /usr/local/apache
points to the updated version of apache
% export PATH=/usr/sfw/bin:/usr/local/bin:/usr/bin:/bin:${PATH} % export CFLAGS='-O2 -I/usr/local/ssl/include' % ./configure --with-mysql=/usr/local/mysql --with-gdbm=/usr/local --with-ndbm --with-mysqli=/opt/mysql/mysql/bin/mysql_config --with-apxs2=/usr/local/apache/bin/apxs
Note:
We used to include --with-dba --enable-memory-limit
, but as of php-5.4.2, these
were not necessary
Note: You may need to install libxml2. If configure above fails with:
Configuring extensions checking whether to enable LIBXML support... yes checking libxml2 install dir... no checking for xml2-config path... /usr/bin/xml2-config configure: error: libxml2 version 2.6.11 or greater required.Download libxml2 from
http://www.sunfreeware.com
wget ftp://ftp.sunfreeware.com/pub/freeware/sparc/10/libxml2-2.6.26-sol10-sparc-local.gz gunzip libxml2-2.6.26-sol10-sparc-local.gz pkgadd -d libxml2-2.6.26-sol10-sparc-localNote: You may need to run
pkgrm SUNWxml2
before running pkgadd
.
libxml2 requires iconv
, which
was also obtained from
http://www.sunfreeware.com
.
Note: You may need to install gdbm. If configure above fails with
configure: error: DBA: Could not find necessary header file(s).then download gdbm from
http://www.sunfreeware.com
. I installed gdbm-1.8.3
gunzip gdbm-1.8.3-sol10-sparc-local.gz pkgadd -d gdbm-1.8.3-sol10-sparc-localContinuing with the php build:
% gmake > make.out & % tail -f make.out ^CThen run the tests:
gmake test
(gdb) where #0 _zval_ptr_dtor (zval_ptr=0x3c9540) at /export/home1/root/tools/tmp/php-5.2.4/Zend/zend_execute_AP I.c:412 #1 0x0027fc9c in zend_do_fcall_common_helper_SPEC ( execute_data=0xffbfbae4) at zend_execute.h:155 #2 0x0027012c in execute (op_array=0xffbff2e8) at zend_vm_execute.h:92 #3 0x0024ff5c in zend_execute_scripts (type=-2115502080, retval=V ariable "retval" is not available. ) at /export/home1/root/tools/tmp/php-5.2.4/Zend/zend.c:1134 #4 0x0020a7b0 in php_execute_script (primary_file=0x81e80000) at /export/home1/root/tools/tmp/php-5.2.4/main/main.c:1982 #5 0x002da424 in main (argc=-2115502080, argv=0x91d0203a) at /export/home1/root/tools/tmp/php-5.2.4/sapi/cli/php_cli.c:1 140The solution is to use gcc-3.4.3 by having
/usr/sfw/bin
in your path before
/usr/local/bin
.
Another problem while running the tests is:
ERROR: Cannot open file '/export/home1/root/tools/php-5.2.8/ext/standard/tests/file/copy_variation4.clean.php' (save_text)That file is in the php tar file, but seems to get removed? I ended up doing the install anyway . . .
$ make install >& install.out & $ tail -f install.out ^CThis should add the following line to /usr/local/apache/conf/httpd.conf:
LoadModule php4_module modules/libphp4.so
Rename /usr/local/lib/php.ini to php.ini- (or whatever).
$ diff php.ini-production /usr/local/lib/php.iniUpdate
/usr/local/lib/php.ini
as necessary.
It is usually best to copy:
root@carson:/export/home/tools/php-5.3.3# diff php.ini-production /usr/local/lib/php.ini 334c334,336 < allow_call_time_pass_reference = Off --- > ; cxh > ;allow_call_time_pass_reference = Off > allow_call_time_pass_reference = On 378a381,383 > ;cxh: set open_basedir http://phpsec.org/projects/phpsecinfo/tests/open_basedi r.html > ;cxh: /home/bldmastr is needed for ptexternal/nightly/doccheck > ;open_basedir = "/home/apache:/home/www:/home/bldmastr:/home1/bldmastr:/export /home/bldmastr:/export/home1/bldmastr:/tmp:/home/mailman_1:/home/mailman_2:/home /mailman_3:/home/mailman_4" 430a436,437 > ; cxh: Turn expose_php off, see http://phpsec.org/projects/phpsecinfo/tests/ex pose_php.html > ;expose_php = Off 514c521,523 < error_reporting = E_ALL & ~E_DEPRECATED --- > ; cxh: notices were filling things up > ;error_reporting = E_ALL & ~E_DEPRECATED > error_reporting = E_ALL & ~E_NOTICE | E_STRICT 635a645 > ; cxh: log in a non-temporary directory 636a647 > error_log = /export/home1/tmp/php.err 744c755,757 < magic_quotes_gpc = Off --- > ; cxh: needed for phyMyAdmin: http://carson.eecs.berkeley.edu/mysql > ;magic_quotes_gpc = Off > magic_quotes_gpc = On 783a797 > ;cxh: include our website 784a799 > include_path = "/home/www/php:." 875a891,892 > ; cxh: ; Set upload_tmp_dir to a safe location http://phpsec.org/projects/phps ecinfo/tests/upload_tmp_dir.html > upload_tmp_dir = /home/www/tmp 879c896,897 < upload_max_filesize = 2M --- > ; cxh increase to 20Mb > upload_max_filesize = 20M 889a908,909 > ; Leave this enabled so that the mailman interface works. If you dont, > ; then people will not be added to the lists (cxh, 1/09) 1476a1497 > ; cxh: http://phpsec.org/projects/phpsecinfo/tests/save_path.html 1477a1499 > session.save_path = "/home/www/tmp" 1478a1501 >
error_log = /export/home1/tmp/php.err
Go to Options -> View PHP Info
http://chesstst.eecs.berkeley.edu/options/power/phpinfo
http://chess.eecs.berkeley.edu/options/power/phpinfo
and make sure that PHP has been updated.
If it has not been updated, then check /etc/init.d/apachectl
and make sure that newly updated version
of Apache is being run.
Download the latest Apache-2-compatible version of mod_jk.so.
I got mine from
http://apache.mirrors.pair.com/jakarta/tomcat-connectors/jk/binaries/solaris/jk-1.2.6/jakarta-tomcat-connectors-jk-1.2.6-solaris8-sparc-apache-2.0.43_native.so
See also
http://jakarta.apache.org/site/downloads/downloads_tomcat-connectors.cgi
Install it as mod_jk.so in /usr/local/apache-2.0.54/libexec.
The next step is to Set up Java
/etc
so that it the server is started up each time
cp /usr/local/apache/bin/apachectl /etc/init.d cd /etc/rc3.d ln -s ../init.d/apachectl S50apachectlWe used to edit
/etc/init.d/apachectl
so
that we run startssl
in the default, but
this is no longer necessary.
For details, see
When I click on login, I get a server not responding message.
/etc/init.d/apachectl startIf it doesn't start, take a look in /usr/local/apache/logs.
Test the website on markov.
% ssh gigascale -l root $ cd /usr/local $ ssh markov 'cd /usr/local; tar cf - apache-2.0.54' | tar xvpf - $ cd /usr/local/apche-2.0.54/conf $ cp -p ../../apache-1.3.26/conf/tomcat-apache.conf . $ mv ssl.csr ssl.csr- $ mv ssl.crt ssl.crt- $ mv ssl.crl ssl.crl- $ mv ssl.prm ssl.prm- $ mv ssl.key ssl.key- $ cp -rp ../../apache-1.3.26/conf/ssl.* . Edit /usr/local/apache-2.0.54/conf/http.conf: - change markov-specific stuff to gigascale. - comment out "Include /usr/local/tomcat/conf/auto/mod_jk.conf" - insert, instead, "Include "/usr/local/apache/conf/tomcat-apache.conf" $ ssh markov 'cd /usr/local; tar cf - openssl-0.9.7g' | tar xvpf - $ cd /usr/local/lib $ ssh markov 'cd /usr/local/lib; tar cf - php' | tar xvpf - $ scp markov:/usr/local/lib/php.ini . $ cd /usr/local/bin $ ssh markov 'cd /usr/local/bin; tar cf - php*' | tar xvpf -Prepare to make the switch on gigascale:
$ /etc/init.d/gsrc stop $ cd /usr/local $ rm apache $ ln -s apache-2.0.54 apache $ mv ssl ssl.old # (This was not a symbolic link, as is now the convention) $ ln -s openssl-0.9.7g ssl $ su - www % cd /home/www/php/include % cvs update sql.inc.php3 user.inc.php3 % cd ../subpages % cvs update options.power.password.php3 % exit $ /etc/init.d/gsrc start
First take the tar files of three kick-arse open-source software packages and the livers of two system administrators. Boil a big pot of water and season to taste. Fold in tar files, chopped system adminstrator liver, and serve ga ished with RISC instructions and users on the side.
Installing Apache is a little complicated, as there are quite a number of additional modules that need to be added to it. These instructions are based in part on Ralf EngelSchall's instructions for installing Apache and mod_ssl. The following instructions assume you can be root and basically know what you are doing :-)
Preparation
If the webserver is currently running, connect to it and see when it was built and what modules were installed: http://embedded.eecs.berkeley.edu/server-status?refresh=5
(Hint: If you are offsite, then use lynx
to display the server settings.)
As of 3/25/01:
openssl-0.9.6 apache_1.3.19 mod_ssl-2.8.1-1.3.19 php-3.0.18
As of 9/15/00:
Apache/1.3.12 (Unix) PHP/3.0.16 mod_ssl/2.6.6 OpenSSL/0.9.5a
Then, download the latest versions of the following into /home/tools/downloads:
zcat downloads/package.tar.gz | tar -xf
Install OpenSSL
cd /export/home/tools/openssl-xxx ./config make >& make.out & tail -f make.out make test
umask 002 make installOpenSSL is now installed in /usr/local/ssl.
Patch mod_ssl into apache
cd /export/home/tools/mod_ssl-xxx ./configure --with-apache=/export/home/tools/apache_1.3.19
Build PHP and patch it into apache
cd ../apache_1.3.19 ./configure --prefix=/usr/local/apache
cd ../php-xxx sh CFLAGS='-O2 -I/usr/local/ssl/include' ./configure --with-apache=/export/home/tools/apache_1.3.19 --with-mysql=/usr/local/mysql --enable-memory-limit=yes --enable-debug=no exit
/export/home/tools/php-xxx/main.c
and change:
#if HAVE_SYSLOG_H if (!strcmp(php3_ini.error_log, "syslog")) syslog(LOG_NOTICE,log_message); retu ;to
#if HAVE_SYSLOG_H if (!strcmp(php3_ini.error_log, "syslog")) syslog(LOG_NOTICE|LOG_LOCAL4,log_message); retu ;
/etc/syslog.conf
and add the line
local4.notice /var/log/php.logNote that the two columns are separated by a tab
/var/log/php.log
touch /var/log/php.log
/usr/local/lib/php3.ini
and set
error_log = syslog
/var/log/php.log
.
Look at root's crontab file and see how /var/log/syslog
is rotated and then do the same for php.log
.
make make install
--with-apache
directive. Locally, we
have a separate source tree at
/export/home/tools/php-xxx-standalone
that we use to build the standalone php binary.
cd /export/home/tools/php-xxx-standalone configure --with-mysql=/usr/local/mysql make cp php /usr/local/binNote that the website does not require the standalone php binary, but the php binary is useful for testing. I have PHP installed as a module, can I run scripts from the command line?
Build and install Apache
Finally! All of the Apache installation works better if you are root when running it.
cd /export/home/tools/apache_1.3.19 SSL_BASE=/usr/local/ssl ./configure --prefix=/usr/local/apache --datadir=/home/www --enable-module=proxy --enable-module=rewrite --enable-module=ssl --activate-module=src/modules/php3/libphp3.a --enable-module=php3 --enable-module=so
make > make.log
make certificateHow and when do we renew the certificate? for details.
When you encrypt the private key, use an empty password,
or else you will be prompted for the password each
time the httpd
daemon starts up.
The result from this process will be
RESULT: Server Certification Files o conf/ssl.key/server.key The PEM-encoded RSA private key file which you configure with the 'SSLCertificateKeyFile' directive (automatically done when you install via APACI). KEEP THIS FILE PRIVATE! o conf/ssl.crt/server.crt The PEM-encoded X.509 certificate file which you configure with the 'SSLCertificateFile' directive (automatically done when you install via APACI). o conf/ssl.csr/server.csr The PEM-encoded X.509 certificate signing request file which you can send to an official Certificate Authority (CA) in order to request a real server certificate (signed by this CA instead of our demonstration-only Snake Oil CA) which later can replace the conf/ssl.crt/server.crt file. WA ING: Do not use this for real-life/production systems
/usr/local/apache/conf
files are under CVS
in the apache
repository in the
/home/cvsgigascale
on gigascale. To check
these files out, do
cd /usr/local cvs -d :ext:gigascale.eecs.berkeley.edu:/home/cvsgigascale apacheThe reason that we use
/home/cvsgigascale
instead of
/home/cvs
is so that root on gigascale
can write the repository.
cd /export/home/tools/apache* umask 002 make install >& install.log &
You should have directories in /usr/local/apache
called conf, htdocs, icons,
and cgi-bin. You should change these now to be owned by
www, group webmastr, and permissions g+w and g+s.
chown -R www /usr/local/apache chgrp -R webmastr /usr/local/apache chmod -R g+w /usr/local/apache
cd /usr/local/apache/conf; cvs update
If you are not checking the Apache conf files out of CVS, then at the minimum, you should tell Apache to use PHP. Uncomment these two lines in /usr/local/apache/conf/httpd.conf:
AddType application/x-httpd-php3 .php3 AddType application/x-httpd-php3-source .phps
/etc
so that it the server is started up each time
cp /usr/local/apache/bin/apachectl /etc/init.d cd /etc/rc3.d ln -s ../init.d/apachectl S50apachectl
/etc/init.d/apachectl
so that apachectl start
starts the
ssl version.
start)To:
startnossl)
startssl|sslstart|start-SSL)to
startssl|sslstart|start-SSL|start)For details, see When I click on login, I get a server not responding message.
/etc/init.d/apachectl startIf it doesn't start, take a look in /usr/local/apache/logs.
Note that we used to have to disable MD5 Crypt,
but we don't have to any more.
See Users are having problems changing passwords, but we don't any
Edit main/php_config.h, changing
#define PHP_MD5_CRYPT 1to
#define PHP_MD5_CRYPT 0See Installing Mailman.