Alvits

Alvits

关注
发信
关注(28)粉丝(399)

如何在 Apache 2.2.9 中使用 mod_ssl 将 openssl 0.9.8 升级到 1.0.2

本文介绍了如何在 Apache 2.2.9 中使用 mod_ssl 将 openssl 0.9.8 升级到 1.0.2的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我被要求在 SuseSE11SP3 中使用 openssl 1.0.2 重新编译 mo_ssl.不过,我是 Suse 的新手,但对 linux 略知一二.

I am asked to recompile mo_ssl with openssl 1.0.2 in SuseSE11SP3.However, I am a newbie to Suse, but know a little bit of linux.

  • 操作系统:Suse SE11SP3
  • Openssl : 0.9.8j
  • 网络服务器:Apache httpd 2.2.9

这是我的限制.我不能使用 zypperrpm 因为公司安全政策不允许我这样做.这是荒谬的,这里就是这样.我的另一个限制是这个系统被我没有权限的其他网络服务器使用.我必须尽可能在本地进行.

Here is limitation I have. I cannot use zypper or rpm because company security policy does not allow me to do it. It is absurd, this is how it goes here.Another limitation I have is this system is used by other web servers which I don't have permission. I have to make it as locally as possible.

我希望它发生的是,当我重新编译 apache 服务器时,我喜欢看到 mod_ssl 链接到较新版本的 Openssl 库.

What I want it to happen is that when I recompile apache server, I like to see mod_ssl is linked to newer version Openssl library.

所以,我下载了 Openssl 1.0.2h 源文件:

So, I downloaded Openssl 1.0.2h source file:

./confgiure --prefix=//PREFIX/openssl --opendir=/PREFIX/openssl
make test
make install

成功地,我在本地目录上安装了 openssl.

Successfully, I installed openssl on local directory.

然后我尝试重新编译已经存在的httpd2.2.9.所以我去了httpd 2.2.9中的源文件

and then I attempted to recompile httpd2.2.9 which already exists.so I went to source file in httpd 2.2.9

make clean

export LIBS=-ldl
export LD_LIBRARY_PATH="/PREFIX/openssl"
export LIBS="-L/PREFIX/openssl"
export CPPFLAGS="-I/PREFIX/include/openssl"

./configure --prefix=/PREFIX/apache22  --enable-so --enable-ssl=ssl -with-ssl=/PREFIX/openssl --enable-module=shared CC=/usr/bin/gcc

make install

有一些错误,但我有点想通并编译它.然而,mod_ssl 的最终结果仍然链接到旧的 Openssl 0.9.8 而不是新版本 1.0.2h

There were some errors but I kind of figured out and make it compiled. However,the final result for mod_ssl is still linked to old Openssl 0.9.8 instead of newer version 1.0.2h

我在这些步骤中遗漏了什么?还是我哪里做错了?

What did I miss in these steps? Or where did I go wrong?

//openssl install
./config -fPIC shared --prefix=/PREFIX/openssl --openssldir=/PREFIX/openssl
make
make test
make install

// install apache2

//recompiling after apache2 is installed with openssl

export LIBS=-ldl
export LD_LIBRARY_PATH="/PREFIX/openssl/lib"
export LDFLAGS="-L/PREFIX/openssl"
export CPPFLAGS="-I/PREFIX/openssl/include/openssl"
export CFLAGS="-Wl,-rpath=/PREFIX/openssl:/usr/lib -I/PREFIX/openssl/include/openssl"

./configure --prefix=/PREFIX/apache22  --enable-so --enable-ssl=shared -with-ssl=/PREFIX/openssl --enable-module=shared CC=/usr/bin/gcc
make
make install

上面的命令在apache22/modules"下创建了 mod_ssl.so 但是当我做 ldd mod_ssl.so 时,结果如下

The above command creates mod_ssl.so under "apache22/modules" butwhen I did ldd mod_ssl.so it came out like the following

linux-vdso.so.1 =>  (0x00007fffef8f2000)
libssl.so.1.0.0 => not found
libcrypto.so.1.0.0 => not found
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007ffe6a48d000)
libc.so.6 => /lib64/libc.so.6 (0x00007ffe6a116000)
/lib64/ld-linux-x86-64.so.2 (0x00007ffe6a913000)

libssl.so,libcrypto.so 未链接.. 我不知道我还能在这里做些什么来将 mod_ssl.so 链接到不同版本的 openssl.

libssl.so, libcrypto.so is not linked .. I don't know whatelse I can do it here to link mod_ssl.so to different version of openssl.

请帮帮我.

推荐答案

由于 Alvits 的帮助,我第一次可以在 stackoverflow 中写出这个答案.

Due to Alvits's help,I could write this answer in stackoverflow for the first time.

!!向阿尔维茨致敬!!

我最初的任务是我需要在本地目录中安装不同版本的 openssl,这与系统 openssl 不同.但我喜欢制作链接到较新的 openssl 的 mod_ssl.

My original task was that I need to install different version of openssl in local direcotry which is different from system openssl. But I like to make mod_ssl which is linked to newer openssl.

首先,我安装了带有共享选项的 openssl,我最初忘记了它并且没有创建 mod_ssl.所以要小心不要忘记它.

First, I installed openssl with shared option, which I originally forgot about it and mod_ssl was not created. so be careful not forgetting it. 

cd openssl_source_direcotry
./config -fPIC shared --prefix=/PREFIX/openssl --openssldir=/PREFIX/openssl
make
make test
make install

下一步,我添加了一些环境变量.PREFIX 是我的本地目录.安装时请使用不同的名称而不是 PREFIX.

Next step, I added some environment variables. PREFIX is my local directory.When you install please use different name instead of PREFIX. 

export LIBS=-ldl
export LD_LIBRARY_PATH="/PREFIX/openssl/lib"
export LDFLAGS="-L/PREFIX/openssl"
export CPPFLAGS="-I/PREFIX/openssl/include/openssl"
export CFLAGS="-Wl,-rpath=/PREFIX/openssl/lib:/usr/lib -I/PREFIX/openssl/include/openssl"

下一步是重新编译apache服务器.我假设您的服务器上已经安装了 apache 服务器.

Next step is to recompile apache server. I assumed that apache server is already installed on your server. 

./configure --prefix=/PREFIX/apache22 --with-apr=/PREFIX/apache22/bin --with-apr-util=/PREFIX/apache22/bin --enable-so --enable-ssl=shared -with-ssl=/PREFIX/openssl --enable-module=shared CC=/usr/bin/gcc
make install

接下来到apache22/modules确认mod_ssl.so是否正确链接.

Next, go to apache22/modules to confirm whether mod_ssl.so is correctly linked. 

ldd mod_ssl.so

        linux-vdso.so.1 =>  (0x00007fff823ff000)
        libssl.so.1.0.0 => /PREFIX/openssl/lib/libssl.so.1.0.0 (0x00007fb3b32d4000)
        libcrypto.so.1.0.0 => /PREFIX/openssl/lib/libcrypto.so.1.0.0 (0x00007fb3b2e8c000)
        libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fb3b2c3e000)
        libc.so.6 => /lib64/libc.so.6 (0x00007fb3b28c7000)
        libdl.so.2 => /lib64/libdl.so.2 (0x00007fb3b26c2000)
        /lib64/ld-linux-x86-64.so.2 (0x00007fb3b377d000)

再来一次,我非常感谢 Alvits 的帮助.没有他的帮助,我无法走到这一步.

One more tiem, I really appreciate Alvits for his help. without his help, I couldn't make this far.

这篇关于如何在 Apache 2.2.9 中使用 mod_ssl 将 openssl 0.9.8 升级到 1.0.2的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

07-31 07:15
Powered by LMLPHP ©2025 Alvits 0.040638