On our installation, the sources for Apache, SSL, and PHP are all under /https. Apache binaries are under /usr/local/apache. HTML *and* PHP files must go under /usr/local/apache/htdocs. CGI-BIN scripts need to go under /usr/local/apache/cgi-bin. Note: This may not be the most efficient way of installing apache-ssl-php, but it *works* 1. Obtaining all necessary code (links go to download from this server, or use URL if available):
|
$ cd /https $ lynx http://httpd.apache.org/dist/httpd/apache_1.2.20.tar.gz $ lynx ftp://ftp.modssl.org/source/mod_ssl-2.8.4-1.3.20.tar.gz $ lynx ftp://ftp.openssl.org/source/openssl-0.9.6a.tar.gz $ lynx http://www.php.net(direct link to official download not available) |
2. gzip them all:
|
$ gzip -d -c apache_1.3.20.tar.gz | tar xvf - $ gzip -d -c mod_ssl-2.8.4-1.3.20.tar.gz | tar xvf - $ gzip -d -c openssl-0.9.6a.tar.gz | tar xvf - $ gzip -d -c php-4.0.6.tar.gz | tar xvf - |
3. Configuration for SSL:
|
$ cd openssl-0.9.6a $ ./config $ make $ cd ../mod_ssl-2.8.4-1.3.20 $ ./configure --with-apache=../apache_1.3.20 --with-ssl=../openssl-0.9.6a --prefix=/usr/local/apache $ cd .. |
The '--with-apxs' makes this into a module that can be included or excluded in the Apache httpd.conf file. The other '--' directives are just capabilities to include in the PHP binary image. Run './configure --help' in the PHP source directory for a list of all the capabilities you can include. Note that with-mysql is on by default. So you always have MySQL support in there. An excellent reference for available configuration options is http://www.php.net/manual/en/install.configure.php. The 'CFLAGS' part is needed because the SSL inclusion enables the Apache Extended API (EAPI). This means that EAPI must also be enabled for PHP. 4. Configuration of Apache: The '--activate-module' compiles the ssl capability into the Apache image. The '--enable-module=so' makes sure that mod_so is compiled in. That's the DSO (Dynamic Server Objects) capability that allows Apache to load modules at start-up time if a corresponding 'LoadModule' command is included in httpd.conf. See further below for an example dynamically includes PHP:
|
$ cd apache_1.3.20 $ ./configure --activate-module=src/modules/ssl/libssl.a --enable-module=so $ make |
The following SSL certificate creation only needs to be done once. If you recompile Apache, you just have to ./configure, make, and make install.
|
$ make certificate TYPE=custom |
This begins the step in which you must fill in your certificate information. Answers which you must choose yourself but need to be the same in both sets are in italics, Answers which you can choose yourself and must not be identical to another are bold. Warning: I don't really know what I'm doing on this step. All I know is that it will work.
Signature Algorithm ((R)SA or (D)SA) [R]:make[1]: r 1. Country Name (2 letter code) [XY]: US 2. State or Province Name (full name) [Snake Desert]: California 3. Locality Name (eg, city) [Snake Town]: San Francisco 4. Organization Name (eg, company) [Snake Oil, Ltd]: Server, Inc. 5. Organizational Unit Name (eg, section) [Certificate Authority]: Department 6. Common Name (eg, CA name) [Snake Oil CA]: Server, Inc. 7. Email Address (eg, name@FQDN) [ca@snakeoil.dom]: webmaster@domain.com 8. Certificate Validity (days) [365]: 365 Certificate Version (1 or 3) [3]: 1 1. Country Name (2 letter code) [XY]: US 2. State or Province Name (full name) [Snake Desert]: California 3. Locality Name (eg, city) [Snake Town]: San Francisco 4. Organization Name (eg, company) [Snake Oil, Ltd]: Server, Inc. 5. Organizational Unit Name (eg, section) [Webserver Team]: Department 6. Common Name (eg, FQDN) [www.snakeoil.dom]: Server, Inc. 7. Email Address (eg, name@fqdn) [www@snakeoil.dom]: webmaster@domain.com 8. Certificate Validity (days) [365]: 365 Certificate Version (1 or 3) [3]: 1 Encrypt the private key now? [Y/n]: n Encrypt the private key now? [Y/n]: n |
|
$ make install $ cd .. |
5. Configuration for PHP4:
|
$ cd php-4.0.6 $ CFLAGS="-DEAPI -fPIC" ./configure --with-apxs=/usr/local/apache/bin/apxs $ make $ make install |
If you do want to re-configure and re-compile, do a 'make clean' first, and delete file config.cache in the PHP src dir
|
$ cp php.ini-dist /usr/local/lib/php.ini $ cd .. |
6. Edit httpd.conf (with pico): Your httpd.conf file is in /usr/local/apache/conf
| $ pico /usr/local/apache/conf/httpd.conf |
Add the following lines in the file:
LoadModule php4_module libexec/libphp4.so Addtype application/x-httpd-php .php Addtype application/x-httpd-php .html Addtype application/x-httpd-php-source .phps |
Since any HTML is also legal php, we suggest you add the third line listed above. This way, you won't have to give your files a .php extension. 7. Managing HTTPD: It's easiest not to run httpd explicitly, but to use 'apachectl' instead.
/usr/local/apache/bin/apachectl start (to start httpd without SSL) /usr/local/apache/bin/apachectl startssl (to start httpd with SSL) /usr/local/apache/bin/apachectl restart (to cause httpd to re-read httpd.conf) /usr/local/apache/bin/apachectl stop (to bring httpd down) If you know how to put /usr/local/apache/bin/ into your path, it'll save you time. |
8. Tricks: To find out what's included in the PHP installation, and which environment variables are available in PHP scripts, make a file that includes the line <? phpinfo() ?>. Then load that from a browser. It'll tell you all.