httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Poggenpohl, Daniel" <daniel.poggenp...@fernuni-hagen.de>
Subject [users@httpd] Can't activate LDAPS support in my OpenSSL 1.0.2g/OpenLDAP 2.4.44/Apache 2.4.18/PHP 5.6.20 combination
Date Thu, 14 Apr 2016 15:02:54 GMT
Hello everyone,

thanks to this mailing list I have identified and solved many problems in my builds regarding
my current setup for a Moodle installation.
- Removed unnecessary switches from Apache build
- Placement of switches inside commands
- new switches for selective runtime search path changing (even if I don't use them yet...)
- found new (to me) tools for checking info about binaries and libraries
- Facts about the order of checking in runtime linking paths (-R, crle, LD_LIBRARY_PATH)

So thanks for this so far, you've been very helpful.

Yet two problems remain, which may or may be the same problem.
- I have to set LD_LIBRARY_PATH to my own OpenSSL. Only then does PHPInfo tell me that the
correct OpenSSL is in use.
- Using the system OpenLDAP, I can't connect using LDAPS. Using my own OpenLDAP 2.4.44, I
can use LDAPS on the prompt and I can process a php file containing commands to connect via
LDAPS. I just can't request the same file via the browser (PHP then reports that it can't
bind to the LDAP server. I also can't login via LDAP to Moodle, but get a an error that the
secured connection can't be established. (I will send the exact error message if I recompile
again to test).

Checking in with ldd, all runtime search paths are set. I checked the paths for
OpenSSL: openssl, libssl, libcrypto
OpenLDAP: ldapsearch, libldap, liblber
Apache: httpd, the apr and apr-util libraries, mod_ssl
PHP: php, libphp5.so (in Apache)

The only things that's looked strange are:
- PHP uses Postgres libraries, which in turn depend on libssl and libcrypto. When I ldd, I
have dependencies to both /my/own/openssl/install/lib and to /usr/lib (libssl and libcrypto).
But I think that's okay....?
- PHP uses libcurl, it finds it in /usr/local/lib . This in turn depends on libssl and libcrypto
and when I ldd libcurl, it finds them in /usr/lib. Again, I don't know? How deep do I have
to go here?

My configure commands for each of the four tools:
# OpenSSL
OPENSSLDIR=/moodle/openssl/1.0.2g \
; \
export CFLAGS="-I$OPENSSLDIR/include" \
CFLAG= \
CPPFLAGS= \
LDFLAGS= \
; \
./Configure shared --openssldir=$OPENSSLDIR enable-ssl2 solaris-x86-gcc \
-I$OPENSSLDIR/include -L$OPENSSLDIR/lib -R$OPENSSLDIR/lib \
>openssl-102g-configure.out

# OpenLDAP
OPENLDAPDIR=/moodle/openldap/2.4.44 \
OPENSSLDIR=/moodle/openssl/1.0.2g \
; \
export CPPFLAGS="-I$OPENSSLDIR/include" \
CFLAGS= \
LDFLAGS="-L$OPENSSLDIR/lib -R$OPENSSLDIR/lib" \
; \
./configure --prefix=$OPENLDAPDIR --disable-slapd --with-cyrus-sasl --with-tls=openssl \
> openldap-2444-configure.out 2>&1

# Apache
APACHEDIR=/moodle/apache2/2.4.18 \
OPENSSLDIR=/moodle/openssl/1.0.2g \
; \
export PKG_CONFIG_PATH=$OPENSSLDIR/lib/pkgconfig \
CFLAGS= \
CPPFLAGS="-I$OPENSSLDIR/include" \
LDFLAGS="-L$OPENSSLDIR/lib -R$OPENSSLDIR/lib" \
; \
./configure --prefix=$APACHEDIR \
--enable-rewrite --enable-deflate \
--enable-ssl --with-ssl=$OPENSSLDIR \
--disable-version \
--with-included-apr \
--with-mpm=prefork \
>apache-2418-configure.out 2>&1

# PHP
APACHEDIR=/moodle/apache2/2.4.18 \
POSTGRESDIR= /usr/postgres/9.3-pgdg \
PHPDIR=/moodle/php/5.6.20 \
OPENSSLDIR=/moodle/openssl/1.0.2g \
; \
export PKG_CONFIG_PATH=$OPENSSLDIR/lib/pkgconfig \
CFLAGS="-std=gnu99" \
CPPFLAGS="-I$OPENLDAPDIR/include -I$OPENSSLDIR/include" \
LDFLAGS="-L$OPENLDAPDIR/lib -L$OPENSSLDIR/lib -R$OPENLDAPDIR/lib -R$OPENSSLDIR/lib" \
; \
./configure --prefix=$PHPDIR --with-config-file-path=$PHPDIR \
--enable-mbstring --enable-soap --enable-zip --enable-opcache \
--without-sqlite3 --without-pdo-sqlite \
--with-pgsql=$POSTGRESDIR --with-pdo-pgsql=$POSTGRESDIR \
--with-apxs2=$APACHEDIR/bin/apxs \
--with-gd --with-curl --with-xmlrpc --with-zlib --with-mcrypt \
--with-ldap=$OPENLDAPDIR \
--with-openssl=$OPENSSLDIR --with-jpeg-dir=$PHPDIR/jpeg \
--with-iconv=/usr/local \
>php-5620-configure.out 2>&1

I also have output for the different stages of the build if that would help.

Regards,
Daniel Poggenpohl

Dipl.-Inf. Daniel Poggenpohl
FernUniversität in Hagen
Zentrum für Medien und IT (ZMI)
Universitätsstraße 21
58084 Hagen
AVZ, Raum A107
Tel.: +49 (2331) 987-2801
Fax: +49 (2331) 987-2720

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message