Re: mod ssl

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 12/04/2014 03:40, John Iliffe wrote:

I am compiling Apache-2.4.9 from source with the new openssl 1.0.1g.  So
far everything looks good EXCEPT that Apache won't start.  After making a
number of tweaks to the configuration, I'm stuck.  The error from httpd -t
is:

httpd: Syntax error on line 130 of /usr/apache-2.4.9/conf/httpd.conf:
Cannot load modules/mod_ssl.so into server: libssl.so.1.0.0: cannot open
shared object file: No such file or directory

I compiled with:

"./configure" \
"--prefix=/usr/apache-2.4.9" \
"--with-included-apr" \
"--with-pcre=/usr/pcre-8.32" \
"--with-ssl=/usr/openssl-1.0.1g" \

and the modules/ directory has the following partial listing:

-rwxr-xr-x 1 root root    35192 Apr 10 20:23 mod_socache_memcache.so
-rwxr-xr-x 1 root root    66857 Apr 10 20:23 mod_socache_shmcb.so
-rwxr-xr-x 1 root root    36732 Apr 10 20:23 mod_speling.so
-rwxr-xr-x 1 root root   826891 Apr 10 20:23 mod_ssl.so
-rwxr-xr-x 1 root root    61870 Apr 10 20:23 mod_status.so
-rwxr-xr-x 1 root root    42570 Apr 10 20:23 mod_substitute.so

Note that mod_ssl.so is third from the bottom.  I'm assuming that there is
some problem with the way I compiled openssl but it doesn't save a copy of
the command line.  Here is what I "think" I used:

./configure --prefix=/usr/openssl-1.0.1g share

which worked OK when I compiled Apache.

I'm sure if I weren't in such an all-fired hurry I could figure this out but
I would ask anyone who has already done this update to help me out here.

Thanks in advance.

John


Well, if you installed opensl-1.0.1g and have openssl dynamically linked by httpd, I don't see the need to re-compile http, rebooting should be enough I think (someone correct if I'm wrong).

Here (Slackware-14.0), oepnssl upgraded to openssl-1.0.1g but httpd nor recompiled since):

bash-4.2$ ldd /usr/sbin/httpd
        linux-gate.so.1 (0xffffe000)
        libpcre.so.0 => /usr/lib/libpcre.so.0 (0xb75fb000)
        libaprutil-1.so.0 => /usr/lib/libaprutil-1.so.0 (0xb75d2000)
        libexpat.so.1 => /usr/lib/libexpat.so.1 (0xb75aa000)
        libsqlite3.so.0 => /usr/lib/libsqlite3.so.0 (0xb74fb000)
        libdb-4.4.so => /lib/libdb-4.4.so (0xb73dd000)
        libldap-2.4.so.2 => /usr/lib/libldap-2.4.so.2 (0xb7393000)
        libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7379000)
        libssl.so.1 => /lib/libssl.so.1 (0xb7316000)
        libcrypto.so.1 => /lib/libcrypto.so.1 (0xb715f000)
        liblber-2.4.so.2 => /usr/lib/liblber-2.4.so.2 (0xb7150000)
        libresolv.so.2 => /lib/libresolv.so.2 (0xb7137000)
        libapr-1.so.0 => /usr/lib/libapr-1.so.0 (0xb7104000)
        libuuid.so.1 => /lib/libuuid.so.1 (0xb7100000)
        librt.so.1 => /lib/librt.so.1 (0xb70f7000)
        libcrypt.so.1 => /lib/libcrypt.so.1 (0xb70c4000)
        libpthread.so.0 => /lib/libpthread.so.0 (0xb70aa000)
        libdl.so.2 => /lib/libdl.so.2 (0xb70a4000)
        libc.so.6 => /lib/libc.so.6 (0xb6f1f000)
        /lib/ld-linux.so.2 (0xb76ef000)
bash-4.2$ openssl version
OpenSSL 1.0.1g 7 Apr 2014
bash-4.2$

I just upgraded openssl.

But this message
> Cannot load modules/mod_ssl.so into server: libssl.so.1.0.0: cannot open
> shared object file: No such file or directory
doesn't say that there was a problem in compiling https, only that you miss the shared library libssl.so.1.0.0.

Did you check that it is where expected?

FYI, the configure command in Slackware 14.0 is:
./configure \
  --enable-layout=Slackware-FHS \
  --with-apr=/usr \
  --with-apr-util=/usr \
  --enable-mods-shared=all \
  --enable-so \
  --enable-mpms-shared=all \
  --enable-pie \
  --enable-cgi \
  --with-pcre \
  --enable-ssl \
  --enable-rewrite \
  --enable-vhost-alias \
  --enable-proxy \
  --enable-proxy-http \
  --enable-proxy-ftp \
  --enable-cache \
  --enable-mem-cache \
  --enable-file-cache \
  --enable-disk-cache \
  --enable-dav \
  --enable-ldap \
  --enable-authnz-ldap \
  --enable-authn-anon \
  --enable-authn-alias \
  --build=$ARCH-slackware-linux || exit 1

HTH,

Didier

PS I don't see the need for this:
> ./configure --prefix=/usr/openssl-1.0.1g share

I'd just keep *only* the good version of openssl.

In any case  ldd /path/to/httpd should confirm you that there is a problem linking to openssl (maybe it's not in /usr/openssl-1.0.1g/lib ?)






---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux