I've got a recipe to install:
    openssl-0.9.6
    mod_ssl-2.8.0-1.3.17
    apache_1.3.17
        and
    WebObjects 4.5
        on 
    MacOS X Server 1.2

It's working on our server right now.  This recipe is a compilation of the
helpful hints and suggestions from a few people from a few lists :)

0) su to root.

1) get the tarballs

    wget http://www.modssl.org/source/mod_ssl-2.8.0-1.3.17.tar.gz
    wget http://www.apache.org/dist/apache_1.3.17.tar.gz
    wget http://www.openssl.org/source/openssl-0.9.6.tar.gz

2) extract them

    gnutar xzf mod_ssl-2.8.0-1.3.17.tar.gz
    gnutar xzf apache_1.3.17.tar.gz
    gnutar xzf openssl-0.9.6.tar.gz

3) 'Fix' openssl

    Find openssl-0.9.6/apps/speed.c and add at the end of
    line 90 the following text: " && !defined(__MACOSXSERVER__)"

4) build openssl

    cd openssl-0.9.6
    ./config no-threads -D__MACOSXSERVER__
    make clean
    make
    make test
    make install

5) Get ready to build mod_ssl

    5.1) Borrowed from Scott's article in Stepwise, supply the
         compiler flag: -DDYLD_CANT_UNLOAD.  Scott used EXTRA_CFLAGS but the
         configure chastised me for doing so, suggesting that I use CFLAGS

        setenv CFLAGS "-DDYLD_CANT_UNLOAD"

    5.2) On my test machine, I renamed apache.conf in
         /Local/Library/WebServer/Configure.  I did this so I'd know for
         sure that a new .conf file would be installed.  I'm not sure how
         important it was to do that...  There was a point where I was doing
         random behaviours hoping something would work...  On our main
         server, I renamed the Configure directory as well as
         /Local/Library/Apache...

    5.3) configure for mod_ssl

        cd mod_ssl-2.8.0-1.3.17
        ./configure                                     \
        --with-apache=../apache_1.3.17                  \
        --with-ssl=../openssl-0.9.6                     \
        --prefix=/Local/Library/WebServer               \
        --exec-prefix=/usr/local                        \
        --libexecdir=/Local/Library/Apache/Modules      \
        --iconsdir=/Local/Library/Apache/Icons          \
 --includedir=/Local/Library/Frameworks/Apache.framework/Versions/1.3/Header
s \
        --target=apache                                 \
        --enable-rule=SSL_SDBM                          \
        --enable-module=most                            \
        --enable-shared=ssl                             \
        --enable-shared=max

            That line starting with "--includedir" is a long one - watch out
            for wrapped lines :)

6) build Apache

    Just follow the instructions that the mod_ssl configure tells you to
    do:
        cd ../apache_1.3.17
        make
        make certificate
        make install

7) build WebObjects Adaptor
    
    This is almost just like in Scott's Stepwise article...
    
    7.1) create the Adaptors directory structure

        cp -r /System/Developer/Examples/WebObjects/Source/Adaptors .

        chmod -R ug+w Adaptors/Adaptor

    7.2) Alter Makefile to supply the -DEAPI flag.

        Edit Adaptors/Apache/Makefile to add  -DEAPI to CFLAGS.  I just
        pasted "-DEAPI" to the end of both line 68 and 70 (overkill I
        know...)

    7.3) Make and install the adaptor

        make \
        "APXS = /usr/local/sbin/apxs" \
"APACHEHEADERS=/Local/Library/Frameworks/Apache.framework/Versions/1.3/Heade
rs"

        install mod_WebObjects.so /Local/Library/Apache/Modules/

            That line starting with "\"APACHEHEADERS" is a long one - watch
            out for wrapped lines :)

8) Post stuff
    Because I set aside my apache.conf file and a bunch of other stuff, I
had to go through the new configuration and make sure that everything was
okay.  In particular, I made sure that references to WebObjects found in the
original apache.conf file were restored in the new apache.conf, the ssl
keys/certficates/etc were put back, etc...

Once I had my basic recipe figured out, the process was pretty quick :)

One problem that I still have (I was hoping that this upgrade would have
fixed this) is that I get intermittent "Data Encryption Error" (on IE) or
"Network IO Error" (on Netscape).  This error did not come up with the test
certificate, the one signed by Snake Oil....  Any ideas on this would be
greatly appreciated!

Mark


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to