Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: Apache pointing to old openssl version after recompilation |
|
| Author |
|
Rasheed_itsme
Joined: 02 Jul 2014
Posts: 12
Location: India
|
 Posted: Mon 07 Sep '15 5:41 Post subject: Apache pointing to old openssl version after recompilation |
 |
|
Hi,
I need a help in apache compilation.
Recently we upgraded the openssl version in our solaris server.
Old version OpenSSL 0.9.7d is there in the path /usr/sfw/bin/
We installed new version OpenSSL 0.9.8i in the path /usr/local/ssl/
ls -lrt /usr/local/ssl
total 34
-rw-r--r-- 1 bin bin 9374 Oct 1 2008 openssl.cnf
drwxr-xr-x 2 bin bin 512 Jul 2 18:46 bin
drwxr-xr-x 2 bin bin 512 Jul 2 18:46 certs
drwxr-xr-x 3 bin bin 512 Jul 2 18:46 include
drwxr-xr-x 4 bin bin 512 Jul 2 18:46 lib
drwxr-xr-x 6 bin bin 512 Jul 2 18:46 man
drwxr-xr-x 2 bin bin 512 Jul 2 18:46 misc
drwxr-xr-x 2 bin bin 512 Jul 2 18:46 private
After we installed the openssl version, we taken backup of the current apache folder /pp/apache and removed that folder and installed the apache once again using the below command. but after the installation with the new openssl path as argument still apache referring the old openssl version. Could anyone please help me on this ?
| Code: |
./configure \
CC="/usr/local/bin/gcc" CFLAGS=-fstack-protector \
--prefix=/pp/apache \
--enable-ssl=shared \
--enable-so \
--with-ssl=/usr/local/ssl \
--enable-rewrite=shared \
--enable-speling=shared \
--disable-userdir \
--disable-status \
--with-mpm=worker \
--enable-mods-shared="autoindex asis actions include" \
--enable-proxy=shared \
--enable-proxy_ajp=shared \
--enable-log-forensic=shared \
--enable-filter \
--disable-cgi \
--enable-cgid \
--enable-deflate=shared \
--enable-cache=shared \
--enable-mem-cache=shared
|
mod ssl pointing to old version :
| Code: |
ldd /pp/apache/modules/mod_ssl.so
libssl.so.0.9.7 => /usr/sfw/lib/libssl.so.0.9.7
libcrypto.so.0.9.7 => /usr/sfw/lib/libcrypto.so.0.9.7
libsocket.so.1 => /lib/libsocket.so.1
libnsl.so.1 => /lib/libnsl.so.1
libdl.so.1 => /lib/libdl.so.1
libc.so.1 => /lib/libc.so.1
libgcc_s.so.1 => /usr/sfw/lib/libgcc_s.so.1
libmp.so.2 => /lib/libmp.so.2
libmd.so.1 => /lib/libmd.so.1
libscf.so.1 => /lib/libscf.so.1
libdoor.so.1 => /lib/libdoor.so.1
libuutil.so.1 => /lib/libuutil.so.1
libgen.so.1 => /lib/libgen.so.1
libssl_extra.so.0.9.7 => /usr/sfw/lib/libssl_extra.so.0.9.7
libcrypto_extra.so.0.9.7 => /usr/sfw/lib/libcrypto_extra.so.0.9.7
libm.so.2 => /lib/libm.so.2
/platform/SUNW,SPARC-Enterprise-T5220/lib/libc_psr.so.1
/platform/SUNW,SPARC-Enterprise-T5220/lib/libmd_psr.so.1
|
|
|
| Back to top |
|
Steffen
Moderator
Joined: 15 Oct 2005
Posts: 3092
Location: Hilversum, NL, EU
|
|
| Back to top |
|
Rasheed_itsme
Joined: 02 Jul 2014
Posts: 12
Location: India
|
| Posted: Tue 08 Sep '15 7:06 Post subject: |
|
|
Thank you for the reply, In Mario case it was not able to install/configure/start properly.
In my case, compile was successful, even Apache came up but the Apache is pointing to the old openssl version in Solaris.
I checked the ssl module of Apache using ldd command and found its taking the old openssl version library. not sure how to make it refer the new openssl version libraries. |
|
| Back to top |
|
admin
Site Admin
Joined: 15 Oct 2005
Posts: 692
|
| Posted: Tue 08 Sep '15 9:48 Post subject: |
|
|
Mario (James Blond) was also dealing that the old OpenSSL shows up.
I think he solved it, you can try his build scripts: https://github.com/JBlond/debian_build_apache24?files=1
I am not experienced with *nix, hopefully Mario can jump in. |
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7373
Location: Germany, Next to Hamburg
|
| Posted: Tue 08 Sep '15 10:40 Post subject: |
|
|
the key soluation was to install a complete OpenSSL into a non standard folder and configure the apache build to use that path PLUS export the LDFLAGS.
I'd be happy if you fork my github repo, create a branch for solaris, change it so that it compiles apache on solaris and create a pull request so that other can benefit, too. |
|
| Back to top |
|
|
|
|
|
|
