[CentOS] OT: Apache Built -how do add SSL module?

Wed Jan 10 22:28:50 UTC 2007
Will McDonald <wmcdonald at gmail.com>

On 10/01/07, Karl R. Balsmeier <karl at klxsystems.net> wrote:
> Will McDonald wrote:
> > On 10/01/07, Karl R. Balsmeier <karl at klxsystems.net> wrote:
> >
> >> hey I already compiled apache 2.0.58 from source onto my centos server
> >> and noticed I needed to get SSL module added "after the fact"
> >>
> >> -what are the commands I would run to get this working without wiping
> >> everything out and starting over?
> >
> >
> > It's generally recommended that you DO NOT compile *anything* from
> > source for CentOS or any other RPM-based distro unless you have
> > absolutely no other option and you know what you're doing.
> >
> > And under those circumstances you should at least consider rebuilding
> > a custom RPM with whatever additional functionality you require from
> > the SRPM so it's still packaged and runs far less risk of breaking the
> > system.
> >
> > If you need Apache with SSL support the recommended method would be to
> > install the 'httpd' and 'mod_ssl' packages and their dependencies with
> > the command...
> >
> > # yum install httpd mod_ssl
> >
> > or
> >
> >
> > There's lots more useful information on the CentOS site and in the Wiki.
> >
> > http://www.centos.org/docs/4/html/yum/sn-software-management-tools.html
> > http://www.centos.org/docs/4/html/yum/sn-managing-packages.html
> > http://wiki.centos.org/?action=fullsearch&context=180&value=yum&titlesearch=Titles
> >
> >
> > Will.
> > _______________________________________________
> > CentOS mailing list
> > CentOS at centos.org
> > http://lists.centos.org/mailman/listinfo/centos
> Hi Will,
> I understand all of the centos-package-only rhetoric but am still
> curious about a technical answer to my specific technical question.
> I appreciate all of the helpful pointers you've copied in from the site
> -but in this case the question is more important than enforcing the
> packaging paradigm -and I support the project's views on that and have
> seen them many times.
> To wit, Community Enterprise OS is used outside of this context all of
> the time -in this case for a highly scientific purpose related to
> optimizing chip yields -with, (gasp), things compiled from source which
> are (sigh of relief) eventually turned into nifty RPM files that can be
> shared/modified/perfected by the community by the brilliant likes of the
> centos package maintainers at their noble and highly revered discretion.
> "To do the science we must do the work".  So apologies for the "outside
> the box" moment.  We are doing this work on 60+ 64-bit servers, all of
> whom have apache from source because we had our own needs to answer to
> and this OS was the closest match to the need to make a javagroups
> application cluster, which it does very very well.
> If anyone knows, much appreciated, -you can just email me 'off-list'.  I
> emailed the mod_sslusers list so hopefull that'll get a nice clear answer.
> And just to be really clear, no negative attitude here or anything,
> -just looking for a community assist on an important question.  thanx!

OK, cool. The reason for the potted "Use RPMS" response was that the
vast majority of people asking "how to do X/Y/Z" with the source tend
not to understand what they're doing or why, they're just following a
how-to or FAQ that doesn't take a packaging system into consideration.
And people who do "get it" tend to just RTFM or Google it :)

To enable SSL support in Apache at build time you need to pass the
'./configure' a couple of options and the paths to some SSL libraries,
if those have been built and installed outside the packaging system

--enable-shared=ssl \
--enable-module=ssl \

The output from

# $path_to_apache_source/configure --help

is copious and useful. As are the INSTALL/README files included in that source.

Assuming your Apache was configured then built with modular support
(mod_so.c) then you can enable additional functionality after-the-fact
using 'apxs'. SSL support *may* be so tied into the Apache build that
'apxs' won't suffice but I'd guess you'll be OK.