Apache, SSL, Red Hat 4

Filed in Development Leave a comment

A new requirement came down for the Solo Tech application the other day. We need to serve it using SSL and in addition the SOAP calls to the API need to use SSL as well. There was a lot of hoop jumping in order to get this working. I had a previous install of Apache using DSO and I was hoping to load mod_ssl dynamically along with my other modules. However I could not get apxs to create the mod_ssl module. So I ended up recompiling Apache and PHP from scratch.

First I installed the latest version of openSSl from here.
(remember to do installs as root)

# gzip -d openssl.tar.gz
# tar -xvf openssl.tar
# cd openssl
# ./configure -fPIC os/compiler:gcc
# make
# make test
# make install

Then compile and install Apache to use ssl, php, rewrite and so (shared objects). Unzip and untar as above and switch into the new directory.

# ./configure --enable-ssl=shared --with-ssl=/usr/local/ssl/ --enable-rewrite=shared --enable-setenvif --enable-so
# make
# make install

I then created a key and certificate by doing the following and storing them in apache2/conf/certs

The last line creates a self signed certificate.

# openssl genrsa -out hostname.key 1024
# openssl req -new -key hostname.key -out hostname.csr
# openssl x509 -req -days 365 -in hostname.csr -signkey hostname.key -out hostname.crt

Open up apache2/conf/httpd.conf and uncomment the following line:

Include conf/extra/httpd-ssl.conf

Then open up apache2/conf/extra/httpd-ssl.conf and un-comment and set the paths to the certificate and key you just created.

SSLCertificateFile "/usr/local/apache2/conf/certs/hostname.crt"
SSLCertificateKeyFile "/usr/local/apache2/conf/certs/hostname.key"

Restart Apache. (I have apachectl in my path)

# apachectl -k restart

If everything is cool then you should be able to request a page from your server through https. The browser will complain about the certificate. You can accept the certificate and then you should be communicating through SSL.

The next step is setting up PHP. So stop Apache.

# apachectl -k stop

Repeat the unzip and untar process from above on the downloaded PHP archive and proceed with configuration and installation.

#  ./configure --with-apxs2=/usr/local/apache2/bin/apxs --with-mysql --with-curl --enable-soap --with-openssl=/usr/local/ssl
# make
# make test
# make install

Your path to openssl may differ to just verify its location with:

# whereis openssl

Move the PHP ini file to its final location:

# cp php.ini-dist /usr/local/lib/php.ini

Again this may differ on your system.
Open apache2/conf/httpd.conf again and add the following lines at the end.

          SetHandler application/x-httpd-php

Make sure the php module is being loaded by the conf file. You should see this:

LoadModule ssl_module modules/mod_ssl.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule php5_module        modules/libphp5.so

Restart the server.

For the SOAP stuff I set this in my app config.php file.

define('SOAP_URL', 'https:<URL>?wsdl');
define('SOAP_ORGNAME', 'ORG1002');
define('SOAP_API_VERSION', '3.2');
define('SOAP_WAIT', '0');
define('SSL_CERT_PATH', '/usr/local/apache2/certs/triad.pem');

And then when I instantiate the SOAP client I do this:

 
        try
        {
            $this->client = new SoapClient(
	            SOAP_URL,
		            array (
		            "trace"=>true
		            , "exceptions"=>true
		            , 'features'=>SOAP_SINGLE_ELEMENT_ARRAYS
					, 'local_cert' => SSL_CERT_PATH
		            )
            );
        }
        catch(SoapFault $f)
        {
            throw new Exception($f->getMessage());
        }

, , ,

Installing Apache and PHP on Red Hat 5

Filed in Development Leave a comment

As part of building up my dev environment at ETI I had to install Apache2.2 and PHP5 on Red Hat 5. Here are my install notes.

Do this as root.

First download the source for Apache and PHP. This command will get the file from the URL and put it at your present location.

#wget

Unzip and untar the Apache Archive

#gzip -d  
#tar xvf

Switch into the apache directory created from untarring the file.

Configure Apache with Dynamic Object support so that you add new modules easily at a later time.

#./configure ./configure --enable-so
#make
#make install

Done. Now you can test by starting and stopping the server

#/usr/local/apache2/bin/apachectl -k [start | stop]

If there are no errors when running it you should be able to browse to the test page:

http://<server ip>

PHP

Repeat the unzip and untar instructions above for the PHP archive.
Configure PHP with options you need. In my case I need mysql, cURL and SOAP. Notice the first option with the path to apxs. This is actually going to compile the PHP module and move it to Apache’s module directory. This is also used later when want to build and install new Apache modules.

#./configure --with-apxs2=/usr/local/apache2/bin/apxs --with-mysql --with-curl --enable-soap
#make
#make install

Then you want to move the distributed PHP config file to the final location. In my case it was this:

#cp php.ini-dist /usr/local/lib/php.ini

You also need to edit the Apache config file to tell it to process PHP files. I put this at the end of my httpd.conf file.

    SetHandler application/x-httpd-php

Finally I wanted to install mod_rewrite. In the directory that contains the source files look for the modules directory that contains the module you need. In my case it is mappers. Then I ran this command which compiles and installs the mod_rewrite module.

#/usr/local/apache2/bin/apxs -i -a -c mod_rewrite.c

Restart Apache and off you go.

Useful Links
http://httpd.apache.org/docs/2.0/programs/apxs.html
http://httpd.apache.org/docs/2.2/dso.html
http://www.php.net/manual/en/install.unix.apache2.php

, ,

Apache Virtual Host on Windows XP

Filed in General Leave a comment

I wanted to set up some virtual hosts in my local environment. I found this very helpful page. Here is the lesson in a nutshell.

Assuming Apache 2.2 is installed in the default location open the following file:

C:\Program Files\Apache Software Foundation\Apache2.2\conf\httpd.conf

Find the lines that read:

# Virtual hosts
#Include conf/extra/httpd-vhosts.conf

and remove the comment (#) so that it looks like this:

# Virtual hosts
Include conf/extra/httpd-vhosts.conf

This enables virtual hosting in Apache. Note that it also shuts down the default host.

Open the following Windows file:

c:\WINDOWS\system32\drivers\etc\hosts

You should see something like the following:

127.0.0.1       localhost

Duplicate the line (keep the same IP number) and name a new host, for instance recipemanager and save the file.

Open the following file (this is the file you just enabled in Apache:

C:\Program Files\Apache Software Foundation\Apache2.2\conf\extra\httpd-vhosts.conf

Added the following:

<Directory c:/vhosts>
Options Indexes FollowSymLinks
AllowOverride All
Order Deny,Allow
Allow from all
</Directory>

This propagates the permissions you set in the directive to cascade to all foldes in c:/vhosts which means you can set up all your virtual servers under c:/vhosts.

Because the default localhost is disabled you need to create that like this:

<VirtualHost *:80>
DocumentRoot c:/htdocs
ServerName localhost
</VirtualHost>

This points localhost at c:/htdocs

Then you can create your recipemanager host:

<VirtualHost *:80>
DocumentRoot c:/vhosts/recipemanager/site
ServerName recipemanager
</VirtualHost>

Reboot Apache. Place a test file in c:/vhosts/recipemanager/site

Navigate with your browser to http://recipemanager/<TESTFILENAME>

And you should see the rendered file.

TOP