Apache-mod_ssl-PHP-Howto  

<< HOWTO-Index

  NEW! Visit my Linux forums!

  This Howto is also available on HowtoForge! If you have also written tutorials, you can publish them there.

Subscribe to FalkoTimme.com Newsletter
and stay informed about my latest HOWTOs and projects.
Email
(If you want to unsubscribe from our newsletter, visit this link.)

Apache-mod_ssl-PHP-Howto

Version 1.0
Author: Falko Timme <ft [at] falkotimme [dot] com>
Last edited 02/22/2004

This document describes how to install an Apache web server (1.3.x) with mod_ssl and PHP enabled.

This howto is meant as a practical guide; it does not cover the theoretical backgrounds. They are treated in a lot of other documents in the web.

This document comes without warranty of any kind!

 

1 Get the Sources

We need the following software: openssl, apache (1.3.x), mod_ssl and PHP. We will install the software from the /tmp directory.

cd /tmp
wget http://www.openssl.org/source/openssl-0.9.7c.tar.gz
wget http://www.apache.de/dist/httpd/apache_1.3.29.tar.gz
wget http://www.modssl.org/source/mod_ssl-2.8.16-1.3.29.tar.gz

Then go to http://www.php.net and download the latest PHP version (4.3.4 at the time of this writing). Download it to your /tmp directory

 

2 Install Openssl

tar xvfz openssl-0.9.7c.tar.gz
cd openssl-0.9.7c
./config
make
make install

 

3 Configure and Install mod_ssl and apache

cd /tmp
tar xvfz apache_1.3.29.tar.gz
tar xvfz mod_ssl-2.8.16-1.3.29.tar.gz
cd mod_ssl-2.8.16-1.3.29
./configure --with-apache=../apache_1.3.29 --with-ssl=/usr/local/ssl/ --prefix=/usr/local/apache --enable-module=most --enable-shared=max --logfiledir=/var/log/httpd --htdocsdir=/usr/local/httpd/htdocs --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc/httpd
(1 line!)

(The option --htdocsdir=/usr/local/httpd/htdocs specifies the the default location for documents that will be delivered by this web server is in /usr/local/httpd/htdocs.

Please note: You can change the configure command to suit to your needs. Type

./configure --help

to get a list of all configuration options available!)

cd ../apache_1.3.29
make
make certificate TYPE=custom

<- Signature Algorithm: R
<- Country Name: Type your country's name (e.g DE for Germany)
<- State or Province Name: e.g. Lower Saxony, California, etc.
<- Locality Name: e.g. Lueneburg, Los Angeles, Paris, London, etc.
<- Organization Name: e.g. the name of your company
<- Organizational Unit Name: e.g. IT Department
<- Common Name: e.g. My Company CA
<- Email Address: e.g. info@mycompany.tld
<- Certificate Validity: e.g. 365 (one year)
<- Certificate Version: 3
<- Country Name: see above
<- State or Province Name: see above
<- Locality Name: see above
<- Organization Name: see above
<- Organizational Unit Name: see above
<- Common Name: the fully qualified domain name (FQDN) of your server, e.g. www.example.com
<- Email Address: see above
<- Certificate Validity: see above
<- Certificate Version: 3
<- Encrypt the private key now? n
<- Encrypt the private key now? n

(Please note: It is safe to accept the default values for all the questions above because in either case you will receive a warning in your browser if you try to access an SSL site on your server:

If you do not want to get this warning you will have to get a "real" SSL certificate (but this is not for free!). Have a look at the following sites:

make install


4 Install PHP

cd /tmp
tar xvfz php-4.3.4.tar.gz
cd php-4.3.4
./configure --with-apxs=/usr/sbin/apxs --enable-track-vars --enable-sockets --with-config-file-path=/etc --enable-ftp --with-zlib --with-openssl=/usr/local/ssl --enable-force-cgi-redirect --enable-exif --with-gd
(1 line!)

(Please note: You can change the configure command to suit to your needs. Type

./configure --help

to get a list of all configuration options available! If you do not specify the --with-mysql[=DIR] option, the bundled MySQL library will be used. This works in most cases.

If you use --with-gd, and you get an error message because of a missing libpng library, install it and then re-run the configure command. On Debian,

apt-get install libpng-dev libpng2 libpng2-dev libpng3

worked fine for me to install libpng. If you have an rpm-based distribution, use http://www.rpmfind.net to find an rpm for you, or have a look at http://www.libpng.org/pub/png/libpng.html.)

make
make install

This will install a PHP binary (normally under /usr/local/bin/php) that can be run from the command line as well as an Apache module.

Now we have to create /etc/php.ini. The easiest way is to take the one that comes with the PHP sources:

cp /tmp/php-4.3.4/php.ini-dist /etc/php.ini

If you like you can now modify /etc/php.ini to suit to your needs.

 

5 Configure Apache

Now we have to add the following entry in /etc/httpd/httpd.conf (in the section where document types are handled; there should be entries like AddHandler or AddType):

AddType application/x-httpd-php .php .php4 .php3

Create /etc/init.d/httpd:

#!/bin/sh
	  
case "$1" in
start)
  /usr/sbin/apachectl startssl
;;
stop)
  /usr/sbin/apachectl stop
;;
restart)
  $0 stop && sleep 3
  $0 start
;;
reload)
  $0 stop
  $0 start
;;
*)
echo "Usage: $0 {start|stop|restart|reload}"
exit 1
esac


chmod 755 /etc/init.d/httpd

In order to start your Apache at boot time do the following:

ln -s /etc/init.d/httpd /etc/rc2.d/S20httpd
ln -s /etc/init.d/
httpd /etc/rc3.d/S20httpd
ln -s /etc/init.d/
httpd /etc/rc4.d/S20httpd
ln -s /etc/init.d/
httpd /etc/rc5.d/S20httpd
ln -s /etc/init.d/
httpd /etc/rc0.d/K20httpd
ln -s /etc/init.d/
httpd /etc/rc1.d/K20httpd
ln -s /etc/init.d/
httpd /etc/rc6.d/K20httpd

Then start your Apache:

/etc/init.d/httpd start

 

6 Test your Configuration

netstat -tap

should show you that Apache uses the ports 80 (http) and 443 (https).

Now go to /usr/local/httpd/htdocs and create a file called info.php with the following contents:

<?php
  phpinfo();
php?>

 

Try to access it with your browser (e.g. using the IP address of the server) via http (e.g. http://192.168.0.1/info.php) and https (https://192.168.0.1/info.php). The output should look similar to this screenshot:

 

Links

Apache: http://www.apache.org/

OpenSSL: http://www.openssl.org/

mod_ssl: http://www.modssl.org/

PHP: http://www.php.net/

  NEW! Visit my Linux forums!

  This Howto is also available on HowtoForge! If you have also written tutorials, you can publish them there.

If you find this page useful you can acknowledge your gratitude by making a donation (through PayPal):

<< HOWTO-Index

 
Copyright 2014, Falko Timme. All rights reserved.
     Home  |  News  |  HOWTOs  |  Projects  |  Forums  |  Support  |  About Me   |  Contact Information  |  Site Map