[CentOS] FIXed - Apache Built -how do add SSL

Thu Jan 11 01:45:09 UTC 2007
Karl R. Balsmeier <karl at klxsystems.net>

Will McDonald wrote:

> On 10/01/07, Karl R. Balsmeier <karl at klxsystems.net> wrote:
>
>> Will McDonald wrote:
>>
>> > On 10/01/07, Karl R. Balsmeier <karl at klxsystems.net> wrote:
>> >
>> >> hey I already compiled apache 2.0.58 from source onto my centos 
>> server
>> >> and noticed I needed to get SSL module added "after the fact"
>> >>
>> >> -what are the commands I would run to get this working without wiping
>> >> everything out and starting over?
>> >
>> >
>> > It's generally recommended that you DO NOT compile *anything* from
>> > source for CentOS or any other RPM-based distro unless you have
>> > absolutely no other option and you know what you're doing.
>> >
>> > And under those circumstances you should at least consider rebuilding
>> > a custom RPM with whatever additional functionality you require from
>> > the SRPM so it's still packaged and runs far less risk of breaking the
>> > system.
>> >
>> > If you need Apache with SSL support the recommended method would be to
>> > install the 'httpd' and 'mod_ssl' packages and their dependencies with
>> > the command...
>> >
>> > # yum install httpd mod_ssl
>> >
>> > or
>> >
>> >
>> > There's lots more useful information on the CentOS site and in the 
>> Wiki.
>> >
>> > 
>> http://www.centos.org/docs/4/html/yum/sn-software-management-tools.html
>> > http://www.centos.org/docs/4/html/yum/sn-managing-packages.html
>> > 
>> http://wiki.centos.org/?action=fullsearch&context=180&value=yum&titlesearch=Titles 
>>
>> >
>> >
>> > Will.
>> > _______________________________________________
>> > CentOS mailing list
>> > CentOS at centos.org
>> > http://lists.centos.org/mailman/listinfo/centos
>>
>> Hi Will,
>>
>> I understand all of the centos-package-only rhetoric but am still
>> curious about a technical answer to my specific technical question.
>>
>> I appreciate all of the helpful pointers you've copied in from the site
>> -but in this case the question is more important than enforcing the
>> packaging paradigm -and I support the project's views on that and have
>> seen them many times.
>>
>> To wit, Community Enterprise OS is used outside of this context all of
>> the time -in this case for a highly scientific purpose related to
>> optimizing chip yields -with, (gasp), things compiled from source which
>> are (sigh of relief) eventually turned into nifty RPM files that can be
>> shared/modified/perfected by the community by the brilliant likes of the
>> centos package maintainers at their noble and highly revered discretion.
>>
>> "To do the science we must do the work".  So apologies for the "outside
>> the box" moment.  We are doing this work on 60+ 64-bit servers, all of
>> whom have apache from source because we had our own needs to answer to
>> and this OS was the closest match to the need to make a javagroups
>> application cluster, which it does very very well.
>>
>> If anyone knows, much appreciated, -you can just email me 'off-list'.  I
>> emailed the mod_sslusers list so hopefull that'll get a nice clear 
>> answer.
>>
>> And just to be really clear, no negative attitude here or anything,
>> -just looking for a community assist on an important question.  thanx!
>
>
> OK, cool. The reason for the potted "Use RPMS" response was that the
> vast majority of people asking "how to do X/Y/Z" with the source tend
> not to understand what they're doing or why, they're just following a
> how-to or FAQ that doesn't take a packaging system into consideration.
> And people who do "get it" tend to just RTFM or Google it :)
>
> To enable SSL support in Apache at build time you need to pass the
> './configure' a couple of options and the paths to some SSL libraries,
> if those have been built and installed outside the packaging system
> too.
>
> --enable-shared=ssl \
> --enable-module=ssl \
>
> The output from
>
> # $path_to_apache_source/configure --help
>
> is copious and useful. As are the INSTALL/README files included in 
> that source.
>
> Assuming your Apache was configured then built with modular support
> (mod_so.c) then you can enable additional functionality after-the-fact
> using 'apxs'. SSL support *may* be so tied into the Apache build that
> 'apxs' won't suffice but I'd guess you'll be OK.
>
> Will.
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos

oh great, so if you ever run across a centos server and the owner says 
"it was made from source, can you please fix it", -or are just plain 
curious about what I did to fix this [how to uninstall apache 2.0.58 
made from source], you just have to do two commands to remove the apache 
compiled from source, like this:

rm -rf /usr/local/apache
rm /etc/rc.d/init/d/httpd

the first rm command recursively forcibly removes the apache dirs and 
files under /usr/local/
the second rm comand will delete the symlink from 
/usr/local/apache/bin/apachectl to /etc/rc.d/init.d/httpd if it exists

you can then effectively revert to the centos method of

yum install httpd

or

yum groupinstall "Web Server"

and skip merrily along your webified path through the elysian fields of 
networked information.

-karlski