Thanks Didier.
I ran ldd and openssl/libssl doesn't show up in either the version of
Apache that is running (2.4.3) or the new version 2.4.9. I checked the
error log for the last restart as suggested by Katherine Manfre on this
list and the running version reports: OpenSSL/1.0.0-FIPS.
The ldd for the same version is:
ldd /usr/apache-2.4.3/bin/httpd
linux-vdso.so.1 => (0x00007fff23a00000)
libpcre.so.1 => /usr/pcre-8.32/lib/libpcre.so.1
(0x00007fc2320a0000)
libaprutil-1.so.0 => /usr/apache-2.4.3/lib/libaprutil-1.so.0
(0x00007fc231e78000)
libexpat.so.0 => /usr/apache-2.4.3/lib/libexpat.so.0
(0x00007fc231c50000)
libapr-1.so.0 => /usr/apache-2.4.3/lib/libapr-1.so.0
(0x00007fc231a20000)
librt.so.1 => /lib64/librt.so.1 (0x00000037c9600000)
libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00000037d7a00000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00000037c8a00000)
libc.so.6 => /lib64/libc.so.6 (0x00000037c8200000)
/lib64/ld-linux-x86-64.so.2 (0x00000037c7e00000)
libfreebl3.so => /lib64/libfreebl3.so (0x00000037d8c00000)
libdl.so.2 => /lib64/libdl.so.2 (0x00000037c8e00000)
and the ldd for the new version 2.4.9 (that can't start) is about the same:
linux-vdso.so.1 => (0x00007fff92ac8000)
libpcre.so.1 => /usr/pcre-8.32/lib/libpcre.so.1 (0x00007ffd4be70000)
libaprutil-1.so.0 => /usr/apache-2.4.9/lib/libaprutil-1.so.0
(0x00007ffd4bc48000)
libexpat.so.0 => /usr/apache-2.4.9/lib/libexpat.so.0
(0x00007ffd4ba20000)
libapr-1.so.0 => /usr/apache-2.4.9/lib/libapr-1.so.0
(0x00007ffd4b7e8000)
librt.so.1 => /lib64/librt.so.1 (0x00000037c9600000)
libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00000037d7a00000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00000037c8a00000)
libc.so.6 => /lib64/libc.so.6 (0x00000037c8200000)
/lib64/ld-linux-x86-64.so.2 (0x00000037c7e00000)
libfreebl3.so => /lib64/libfreebl3.so (0x00000037d8c00000)
libdl.so.2 => /lib64/libdl.so.2 (0x00000037c8e00000)
I looked at your config file for make and obviously I left out quite a bit
from last time. I used the previous config.nice file as input and obviously
it doesn't show everything that was used in the previous compile.
I'll recompile again and see if it runs. Maybe I was just too sleepy last
night!
Thanks again.
John
On Saturday 12 April 2014 01:49:09 Didier Spaier wrote:
> On 12/04/2014 03:40, John Iliffe wrote:
> > I am compiling Apache-2.4.9 from source with the new openssl 1.0.1g.
> > So far everything looks good EXCEPT that Apache won't start. After
> > making a number of tweaks to the configuration, I'm stuck. The error
> > from httpd -t is:
> >
> > httpd: Syntax error on line 130 of /usr/apache-2.4.9/conf/httpd.conf:
> > Cannot load modules/mod_ssl.so into server: libssl.so.1.0.0: cannot
> > open shared object file: No such file or directory
> >
> > I compiled with:
> >
> > "./configure" \
> > "--prefix=/usr/apache-2.4.9" \
> > "--with-included-apr" \
> > "--with-pcre=/usr/pcre-8.32" \
> > "--with-ssl=/usr/openssl-1.0.1g" \
> >
> > and the modules/ directory has the following partial listing:
> >
> > -rwxr-xr-x 1 root root 35192 Apr 10 20:23 mod_socache_memcache.so
> > -rwxr-xr-x 1 root root 66857 Apr 10 20:23 mod_socache_shmcb.so
> > -rwxr-xr-x 1 root root 36732 Apr 10 20:23 mod_speling.so
> > -rwxr-xr-x 1 root root 826891 Apr 10 20:23 mod_ssl.so
> > -rwxr-xr-x 1 root root 61870 Apr 10 20:23 mod_status.so
> > -rwxr-xr-x 1 root root 42570 Apr 10 20:23 mod_substitute.so
> >
> > Note that mod_ssl.so is third from the bottom. I'm assuming that
> > there is some problem with the way I compiled openssl but it doesn't
> > save a copy of the command line. Here is what I "think" I used:
> >
> > ./configure --prefix=/usr/openssl-1.0.1g share
> >
> > which worked OK when I compiled Apache.
> >
> > I'm sure if I weren't in such an all-fired hurry I could figure this
> > out but I would ask anyone who has already done this update to help
> > me out here.
> >
> > Thanks in advance.
> >
> > John
>
> Well, if you installed opensl-1.0.1g and have openssl dynamically linked
> by httpd, I don't see the need to re-compile http, rebooting should be
> enough I think (someone correct if I'm wrong).
>
> Here (Slackware-14.0), oepnssl upgraded to openssl-1.0.1g but httpd nor
> recompiled since):
>
> bash-4.2$ ldd /usr/sbin/httpd
> linux-gate.so.1 (0xffffe000)
> libpcre.so.0 => /usr/lib/libpcre.so.0 (0xb75fb000)
> libaprutil-1.so.0 => /usr/lib/libaprutil-1.so.0 (0xb75d2000)
> libexpat.so.1 => /usr/lib/libexpat.so.1 (0xb75aa000)
> libsqlite3.so.0 => /usr/lib/libsqlite3.so.0 (0xb74fb000)
> libdb-4.4.so => /lib/libdb-4.4.so (0xb73dd000)
> libldap-2.4.so.2 => /usr/lib/libldap-2.4.so.2 (0xb7393000)
> libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7379000)
> libssl.so.1 => /lib/libssl.so.1 (0xb7316000)
> libcrypto.so.1 => /lib/libcrypto.so.1 (0xb715f000)
> liblber-2.4.so.2 => /usr/lib/liblber-2.4.so.2 (0xb7150000)
> libresolv.so.2 => /lib/libresolv.so.2 (0xb7137000)
> libapr-1.so.0 => /usr/lib/libapr-1.so.0 (0xb7104000)
> libuuid.so.1 => /lib/libuuid.so.1 (0xb7100000)
> librt.so.1 => /lib/librt.so.1 (0xb70f7000)
> libcrypt.so.1 => /lib/libcrypt.so.1 (0xb70c4000)
> libpthread.so.0 => /lib/libpthread.so.0 (0xb70aa000)
> libdl.so.2 => /lib/libdl.so.2 (0xb70a4000)
> libc.so.6 => /lib/libc.so.6 (0xb6f1f000)
> /lib/ld-linux.so.2 (0xb76ef000)
> bash-4.2$ openssl version
> OpenSSL 1.0.1g 7 Apr 2014
> bash-4.2$
>
> I just upgraded openssl.
>
> But this message
>
> > Cannot load modules/mod_ssl.so into server: libssl.so.1.0.0: cannot
> > open shared object file: No such file or directory
>
> doesn't say that there was a problem in compiling https, only that you
> miss the shared library libssl.so.1.0.0.
>
> Did you check that it is where expected?
>
> FYI, the configure command in Slackware 14.0 is:
> ./configure \
> --enable-layout=Slackware-FHS \
> --with-apr=/usr \
> --with-apr-util=/usr \
> --enable-mods-shared=all \
> --enable-so \
> --enable-mpms-shared=all \
> --enable-pie \
> --enable-cgi \
> --with-pcre \
> --enable-ssl \
> --enable-rewrite \
> --enable-vhost-alias \
> --enable-proxy \
> --enable-proxy-http \
> --enable-proxy-ftp \
> --enable-cache \
> --enable-mem-cache \
> --enable-file-cache \
> --enable-disk-cache \
> --enable-dav \
> --enable-ldap \
> --enable-authnz-ldap \
> --enable-authn-anon \
> --enable-authn-alias \
> --build=$ARCH-slackware-linux || exit 1
>
> HTH,
>
> Didier
>
> PS I don't see the need for this:
> > ./configure --prefix=/usr/openssl-1.0.1g share
>
> I'd just keep *only* the good version of openssl.
>
> In any case ldd /path/to/httpd should confirm you that there is a
> problem linking to openssl (maybe it's not in /usr/openssl-1.0.1g/lib
> ?)
>
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|