Due to security vulnerabilities in previous versions of openssl, I downloaded and built openssl-1.0.0d by following these steps:
./config no-shared -fPIC
make
make install
I then proceeded to build apache2 (httpd-2.2.1l7) without any issues using the new openssl libraries.
PHP, however has been another story. I ran configure as follows:
./configure --build=i686-redhat-linux-gnu --host=i686-redhat-linux-gnu --target=i386-redhat-linux-gnu --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/usr/com --mandir=/usr/share/man --infodir=/usr/share/info --cache-file=../config.cache --with-libdir=lib --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --disable-debug --with-mysql=/usr/local/mysql --with-ldap --with-apxs2 --with-mcrypt --enable-mbstring --enable-soap --with-openssl=/usr/local/ssl --with-pic
Everything compiles clean but blows up during the final load. Here's the error message:
/usr/bin/ld: /usr/local/ssl/lib/libssl.a(s2_srvr.o): relocation R_X86_64_32 against `a local symbol' can not be used when making a shared object; recompile with -fPIC
/usr/local/ssl/lib/libssl.a: could not read symbols: Bad value
What do I do now? I'm building on a CentOS x64 platform. The same build works fine on a 32bit box.
