httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sander Temme <scte...@apache.org>
Subject Re: ReCap: 2.2.4 windows binary w/ssl?
Date Tue, 06 Mar 2007 23:41:49 GMT

On Feb 18, 2007, at 8:01 PM, William A. Rowe, Jr. wrote:

> As such... I'm requesting review and feedback of the first installer
> package candidate to include ssl...
>
> http://httpd.apache.org/dev/dist/apache_2.2.4-win32-x86- 
> openssl-0.9.8d.msi

I finally have a Win2k3 build that doesn't go away every 14 days...  
quite liberating.

---
Installer looks good, no surprises.

The 'Feature Description' of the 'OpenSSL Runtime' subfeature is too  
long, and gets cut off at "these are not re...".

---

When I try to use bin\openssl.exe to generate a self-signed cert, it  
complains: "Unable to load config file info from /usr/local/ssl/ 
openssl.cnf". My command line, from the conf dir:

..\bin\openssl req -new -newkey rsa:1024 -days 365 -nodes -x509 - 
keyout server.key -out server.crt

When I precede the command by

set OPENSSL_CONF="C:\Program Files\Apache Software Foundation 
\Apache2.2\conf\openssl.cnf", I get the error message "Unable to load  
config info from "C:\Program Files\Apache Software Foundation 
\Apache2.2\conf\openssl.cnf"

When I do the set without the double quotes, it works. Ugh. Wrapper  
time?

---

I see one needs to uncomment both the ssl LoadModule line and the  
Include for extra/httpd-ssl.conf.

---

Service start bitches about a syntax error on line 62 of extra/httpd- 
ssl.conf:
"SSLSessionCache takes one argument, SSL Session Cache storage  
(`none', `nonenotnull', `dbm:/path/to/file')
The failing value is: SSLSessionCache shmcb:C:/Program Files/Apache  
Software Foundation/Apache2.2/logs/ssl_scache(512000)

Using the commented out dbm: example in line 61 instead makes this  
go, after I "quote" the directive argument to accomodate the spaces  
in the path.

---

Argument to ErrorLog directive in line 80 must be quoted because of  
spaces in path.

---

Ditto argument to TransferLog directive in line 81.

---

Ditto argument to SSLCertificateFile in line 99.

---

Ditto argument to SSLCertificateKeyFile in line 107.

---

Ditto first argument to CustomLog in line 229.

The above makes the server start and serve HTTPS (and http).

Don't know about the shm session cache. Otherwise, the quotation  
issues are fairly minor. I see that in trunk on unix we quote paths,  
and in extra/httpd-ssl.conf we don't. Time to rigorously quote every  
path in those extra config files as well?

One final nitpick: I now have both httpd 2.2.4 and Tomcat 6.0.10  
installed on that box, and there are two systray icons, one for each  
server, both with a cute little Feather icon.  Backwards reels the  
mind.  We seriously need to talk about sharing the love here.  I  
assume those are ApacheMonitor.exe and tomcat6w.exe?  Why not ship  
one that picks up both httpd and Tomcat services, whose presence is  
recognized by the other's installer?

S.

-- 
sctemme@apache.org            http://www.temme.net/sander/
PGP FP: 51B4 8727 466A 0BC3 69F4  B7B8 B2BE BC40 1529 24AF



Mime
View raw message