I've got a recipe to install:
openssl-0.9.6
mod_ssl-2.8.0-1.3.17
apache_1.3.17
and
WebObjects 4.5
on
MacOS X Server 1.2
It's working on our server right now. This recipe is a compilation of the
helpful hints and suggestions from a few people from a few lists :)
0) su to root.
1) get the tarballs
wget http://www.modssl.org/source/mod_ssl-2.8.0-1.3.17.tar.gz
wget http://www.apache.org/dist/apache_1.3.17.tar.gz
wget http://www.openssl.org/source/openssl-0.9.6.tar.gz
2) extract them
gnutar xzf mod_ssl-2.8.0-1.3.17.tar.gz
gnutar xzf apache_1.3.17.tar.gz
gnutar xzf openssl-0.9.6.tar.gz
3) 'Fix' openssl
Find openssl-0.9.6/apps/speed.c and add at the end of
line 90 the following text: " && !defined(__MACOSXSERVER__)"
4) build openssl
cd openssl-0.9.6
./config no-threads -D__MACOSXSERVER__
make clean
make
make test
make install
5) Get ready to build mod_ssl
5.1) Borrowed from Scott's article in Stepwise, supply the
compiler flag: -DDYLD_CANT_UNLOAD. Scott used EXTRA_CFLAGS but the
configure chastised me for doing so, suggesting that I use CFLAGS
setenv CFLAGS "-DDYLD_CANT_UNLOAD"
5.2) On my test machine, I renamed apache.conf in
/Local/Library/WebServer/Configure. I did this so I'd know for
sure that a new .conf file would be installed. I'm not sure how
important it was to do that... There was a point where I was doing
random behaviours hoping something would work... On our main
server, I renamed the Configure directory as well as
/Local/Library/Apache...
5.3) configure for mod_ssl
cd mod_ssl-2.8.0-1.3.17
./configure \
--with-apache=../apache_1.3.17 \
--with-ssl=../openssl-0.9.6 \
--prefix=/Local/Library/WebServer \
--exec-prefix=/usr/local \
--libexecdir=/Local/Library/Apache/Modules \
--iconsdir=/Local/Library/Apache/Icons \
--includedir=/Local/Library/Frameworks/Apache.framework/Versions/1.3/Header
s \
--target=apache \
--enable-rule=SSL_SDBM \
--enable-module=most \
--enable-shared=ssl \
--enable-shared=max
That line starting with "--includedir" is a long one - watch out
for wrapped lines :)
6) build Apache
Just follow the instructions that the mod_ssl configure tells you to
do:
cd ../apache_1.3.17
make
make certificate
make install
7) build WebObjects Adaptor
This is almost just like in Scott's Stepwise article...
7.1) create the Adaptors directory structure
cp -r /System/Developer/Examples/WebObjects/Source/Adaptors .
chmod -R ug+w Adaptors/Adaptor
7.2) Alter Makefile to supply the -DEAPI flag.
Edit Adaptors/Apache/Makefile to add -DEAPI to CFLAGS. I just
pasted "-DEAPI" to the end of both line 68 and 70 (overkill I
know...)
7.3) Make and install the adaptor
make \
"APXS = /usr/local/sbin/apxs" \
"APACHEHEADERS=/Local/Library/Frameworks/Apache.framework/Versions/1.3/Heade
rs"
install mod_WebObjects.so /Local/Library/Apache/Modules/
That line starting with "\"APACHEHEADERS" is a long one - watch
out for wrapped lines :)
8) Post stuff
Because I set aside my apache.conf file and a bunch of other stuff, I
had to go through the new configuration and make sure that everything was
okay. In particular, I made sure that references to WebObjects found in the
original apache.conf file were restored in the new apache.conf, the ssl
keys/certficates/etc were put back, etc...
Once I had my basic recipe figured out, the process was pretty quick :)
One problem that I still have (I was hoping that this upgrade would have
fixed this) is that I get intermittent "Data Encryption Error" (on IE) or
"Network IO Error" (on Netscape). This error did not come up with the test
certificate, the one signed by Snake Oil.... Any ideas on this would be
greatly appreciated!
Mark
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
