SSL 対応の Apache-2 を作成する。
(Apache-2 系は、別途 mod_ssl のソースを用意しなくても、最初から Apache のソースに含まれているようであります)
ソースの展開。
http://httpd.apache.org/download.cgi から httpd-2.0.50.tar.gz を落としてくる。
serv2# pwd
/usr/local/src
serv2# ls -la http*
-rw-r--r-- 1 root wheel 6338536 Aug 4 00:58 httpd-2.0.50.tar.gz
serv2# tar xvfz httpd-2.0.50.tar.gz
<略>
httpd-2.0.50/test/zb.c
httpd-2.0.50/configure
httpd-2.0.50/httpd.spec
serv2# cd httpd-2.0.50
configure を実行する。
serv2# ls -la /usr/lib/libssl*
-r--r--r-- 1 root wheel 266664 Feb 24 04:42 /usr/lib/libssl.a
lrwxrwxrwx 1 root wheel 11 Jul 21 22:22 /usr/lib/libssl.so -> libssl.so.3
-r--r--r-- 1 root wheel 204560 Feb 24 04:42 /usr/lib/libssl.so.3
-r--r--r-- 1 root wheel 272888 Feb 24 04:42 /usr/lib/libssl_p.a
OpenSSL の Lib ファイルは /usr/lib 以下にいる・・・ってことは、ベースディレクトリは /usr でいいわけだな。
serv2# ./configure --enable-modules="so ssl" --with-ssl=/usr
checking for chosen layout... Apache
checking for working mkdir -p... yes
checking build system type... i386-unknown-freebsd5.2.1
<略>
checking whether to enable mod_ssl... checking dependencies
checking for SSL/TLS toolkit base... /usr
checking for SSL/TLS toolkit version... OpenSSL 0.9.7c 30 Sep 2003
checking for SSL/TLS toolkit includes... /usr/include
checking for SSL/TLS toolkit libraries... /usr/lib
adding "-I/usr/include/openssl" to INCLUDES
setting LIBS to "-lssl -lcrypto"
checking for SSL_set_state... no
checking for SSL_set_cert_store... no
<略>
creating modules/ssl/Makefile
<略>
config.status: creating docs/conf/ssl-std.conf
うん、まあ、SSL 関係のファイルもちゃんと見つけられているようだし、正常に configure は終了したのだろう。
インストールする。
serv2# make
Making all in srclib
Making all in apr
Making all in strings
/bin/sh /usr/local/src/httpd-2.0.50/srclib/apr/libtool --silent --mode=compile gcc -g -O2 -DHAVE_CONFIG_H -D_REENTRANT -D_THREAD_SAFE -I../include -I../include/arch/unix -c apr_cpystrn.c && touch apr_cpystrn.lo
<略>
/usr/local/src/httpd-2.0.50/srclib/apr/libtool --silent --mode=link gcc -g -O2 -D_REENTRANT -D_THREAD_SAFE -DAP_HAVE_DESIGNATED_INITIALIZER -I/usr/local/src/httpd-2.0.50/srclib/apr/include -I/usr/local/src/httpd-2.0.50/srclib/apr-util/include -I/usr/local/include -I. -I/usr/local/src/httpd-2.0.50/os/unix -I/usr/local/src/httpd-2.0.50/server/mpm/prefork -I/usr/local/src/httpd-2.0.50/modules/http -I/usr/local/src/httpd-2.0.50/modules/filters -I/usr/local/src/httpd-2.0.50/modules/proxy -I/usr/local/src/httpd-2.0.50/include -I/usr/local/src/httpd-2.0.50/modules/generators -I/usr/include/openssl -I/usr/local/src/httpd-2.0.50/modules/dav/main -export-dynamic -L/usr/local/lib -o httpd modules.lo modules/aaa/mod_access.la modules/aaa/mod_auth.la modules/filters/mod_include.la modules/loggers/mod_log_config.la modules/metadata/mod_env.la modules/metadata/mod_setenvif.la modules/ssl/mod_ssl.la modules/http/mod_http.la modules/http/mod_mime.la modules/generators/mod_status.la modules/generators/mod_autoindex.la modules/generators/mod_asis.la modules/generators/mod_cgi.la modules/mappers/mod_negotiation.la modules/mappers/mod_dir.la modules/mappers/mod_imap.la modules/mappers/mod_actions.la modules/mappers/mod_userdir.la modules/mappers/mod_alias.la modules/mappers/mod_so.la server/mpm/prefork/libprefork.la server/libmain.la os/unix/libos.la -lssl -lcrypto /usr/local/src/httpd-2.0.50/srclib/pcre/libpcre.la /usr/local/src/httpd-2.0.50/srclib/apr-util/libaprutil-0.la -lexpat /usr/local/src/httpd-2.0.50/srclib/apr/libapr-0.la -lm -lcrypt
serv2# make install
Making install in srclib
Making install in apr
Making all in strings
<略>
----------------------------------------------------------------------
Libraries have been installed in:
/usr/local/apache2/lib
If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR'
flag during linking and do at least one of the following:
- add LIBDIR to the `LD_LIBRARY_PATH' environment variable
during execution
- add LIBDIR to the `LD_RUN_PATH' environment variable
during linking
- use the `-Wl,--rpath -Wl,LIBDIR' linker flag
See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
<略>
mkdir /usr/local/apache2/man/man8
mkdir /usr/local/apache2/manual
Installing build system files
serv2# ls -lad /usr/local/apache*
drwxr-xr-x 15 root wheel 512 Aug 4 01:16 /usr/local/apache2
ドキュメントは、いつものように /usr/local/share/apache 以下に作成することにする。
serv2# mkdir /usr/local/share/apache
serv2# mv /usr/local/apache2/htdocs /usr/local/share/apache
serv2# mv /usr/local/apache2/cgi-bin /usr/local/share/apache
serv2# mv /usr/local/apache2/icons /usr/local/share/apache
serv2# mv /usr/local/apache2/manual /usr/local/share/apache
serv2# ls -la /usr/local/share/apache
total 20
drwxr-xr-x 6 root wheel 512 Aug 4 01:27 .
drwxr-xr-x 19 root wheel 512 Aug 4 01:26 ..
drwxr-xr-x 2 root wheel 512 Aug 4 01:26 cgi-bin
drwxr-xr-x 2 root wheel 1024 Aug 4 01:26 htdocs
drwxr-xr-x 3 root wheel 3584 Aug 4 01:27 icons
drwxr-xr-x 13 root wheel 7168 Aug 4 01:27 manual
ログは、/var/log/apache/logs/www.netandfield.com 以下に。(VirtualHost が増えることを見越して、logs 以下にホスト名のサブディレクトリを作成)
serv2# mkdir /var/log/apache
serv2# mv /usr/local/apache2/logs /var/log/apache
serv2# ls -la /var/log/apache
total 6
drwxr-xr-x 3 root wheel 512 Aug 4 01:28 .
drwxr-xr-x 3 root wheel 1024 Aug 4 01:27 ..
drwxr-xr-x 2 root wheel 512 Aug 4 01:16 logs
httpd.conf 内のパス等を修正する。
(例)httpd.conf の中で修正を行う部分
LockFile /var/log/apache/logs/www.netandfield.com/accept.lock
PidFile /var/run/httpd.pid
ServerAdmin webmaster@netfield.com
DocumentRoot "/usr/local/share/apache/htdocs"
<Directory "/usr/local/share/apache/htdocs">
ErrorLog /var/log/apache/logs/www.netandfield.com/error_log
CustomLog /var/log/apache/logs/www.netandfield.com/access_log combined
Alias /icons/ "/usr/local/share/apache/icons/"
<Directory "/usr/local/share/apache/icons">
<Directory "/usr/local/share/apache/manual">
ScriptAlias /cgi-bin/ "/usr/local/share/apache/cgi-bin/"
<Directory "/usr/local/share/apache/cgi-bin">
LanguagePriority ja en ca cs da de el eo es et fr he hr it ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW
AddDefaultCharset none
等々...
今回は取りあえず、SSL は有効にせず Apache 起動。
serv2# ps -ax | grep http
19573 p1 R+ 0:00.00 grep http
serv2# /usr/local/apache2/bin/apachectl start
serv2# ps -ax | grep http
19576 ?? Ss 0:00.32 /usr/local/apache2/bin/httpd -k start
19577 ?? S 0:00.00 /usr/local/apache2/bin/httpd -k start
19578 ?? S 0:00.00 /usr/local/apache2/bin/httpd -k start
19579 ?? S 0:00.00 /usr/local/apache2/bin/httpd -k start
19580 ?? S 0:00.00 /usr/local/apache2/bin/httpd -k start
19581 ?? S 0:00.00 /usr/local/apache2/bin/httpd -k start
* 1.3 系だと、apachectl の中に PID ファイルのパスが書かれていたので、それも修正しないといけなかったが、2.0 系はそれがないので、そのまま apachectl を使って Apache の実行が出来る。httpd.conf と二重修正しなくてよくなったので楽勝。
|
|
