Fw: Apache 2.0.42 / Win2000 / OpenSSL ?

Fw: Apache 2.0.42 / Win2000 / OpenSSL ?

am 03.10.2002 01:30:08 von Harald Wopenka

Hi there,

is there already a possibility to use https with Apache 2? Does anybody know
a HowTo where I can see step by step how I can setup SSL on Apache 2 on my
Windows 2000 Server?

Thanks in advance,
Harry


____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: Fw: Apache 2.0.42 / Win2000 / OpenSSL ?

am 03.10.2002 04:58:38 von hunter

Harald Wopenka wrote:
> Hi there,
>
> is there already a possibility to use https with Apache 2? Does anybody know
> a HowTo where I can see step by step how I can setup SSL on Apache 2 on my
> Windows 2000 Server?
>
> Thanks in advance,
> Harry
>
>
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org
>

Harold,

If you do not want to build your own then use these binaries that I just
recently built.

http://hunter.campbus.com/Apache_2.0.42-OpenSSL_0.9.6g-Win32 .zip

If you want to build your own follow the instructions from an earlier
reply to another user...


NOTE: A new release of Apache2 has occurred since I di these notes.

You will have to do quite a bit of configuring to get this working.
When you get to that part, read/and ask questions...



>>>>>>>>>>>>> OLD EMAIL >>>>>>>>>>>>>>>>>>>

I apologize for the sloppiness...

hunter wrote:
arcean wrote:

(snip)
I will have to download new source and try again to know what the
situation is and I am sorry but I have to run off to work. Later, ok?

Chris.

I have not located an msi installer for Apache 2.0.39
These are the steps that I followed build it from source.

1. Download httpd-2.0.39-win32-src.zip
2. Unzip into directory httpd-2.0.39
3. Create directory ?:\httpd-2.0.39\srclib\openssl
4. Extract openssl-0.9.6d.tar.gz
5. Copy the contents of \openssl-0.9.6d to \httpd-2.0.39\srclib\openssl
6. Go to :\httpd-2.0.39\srclib\openssl follow instructions in INSTALL.W32

Bellow is the results mixed within the instructionss...

Visual C++
----------

First should run Configure:

> perl Configure VC-WIN32

2002.07.17 21.47.37.13
[I:\httpd-2.0.39\srclib\openssl]perl configure VC-WIN32
Configuring for VC-WIN32
IsWindows=1
CC =cl
CFLAG =-DTHREADS -DDSO_WIN32
EX_LIBS =
BN_ASM =bn_asm.o
DES_ENC =des_enc.o fcrypt_b.o
BF_ENC =bf_enc.o
CAST_ENC =c_enc.o
RC4_ENC =rc4_enc.o
RC5_ENC =rc5_enc.o
MD5_OBJ_ASM =
SHA1_OBJ_ASM =
RMD160_OBJ_ASM=
PROCESSOR =
RANLIB =/usr/bin/ranlib
PERL =/usr/bin/perl
THIRTY_TWO_BIT mode
BN_LLONG mode
RC4_INDEX mode
RC4_CHUNK is undefined

Configured for VC-WIN32.

2002.07.17 21.48.04.99
[I:\httpd-2.0.39\srclib\openssl]

Next you need to build the Makefiles and optionally the assembly language
files:

- If you are using MASM then run:

> ms\do_masm

2002.07.17 21.48.04.99
[I:\httpd-2.0.39\srclib\openssl]ms\do_masm
Generating x86 for MASM assember
Bignum
DES
"crypt(3)"
Blowfish
CAST5
RC4
MD5
SHA1
RIPEMD160
RC5\32

2002.07.17 21.49.00.49
[I:\httpd-2.0.39\srclib\openssl]perl util\mkfiles.pl 1>MINFO

2002.07.17 21.49.00.85
[I:\httpd-2.0.39\srclib\openssl]rem perl util\mk1mf.pl VC-MSDOS no-sock
>ms\msdos.mak

2002.07.17 21.49.00.85
[I:\httpd-2.0.39\srclib\openssl]rem perl util\mk1mf.pl VC-W31-32 >ms\w31.mak

2002.07.17 21.49.00.85
[I:\httpd-2.0.39\srclib\openssl]perl util\mk1mf.pl dll VC-W31-32
1>ms\w31dll.mak
unknown option -

2002.07.17 21.49.01.34
[I:\httpd-2.0.39\srclib\openssl]perl util\mk1mf.pl VC-WIN32 1>ms\nt.mak
unknown option -

2002.07.17 21.49.01.79
[I:\httpd-2.0.39\srclib\openssl]perl util\mk1mf.pl dll VC-WIN32
1>ms\ntdll.mak
unknown option -

2002.07.17 21.49.02.23
[I:\httpd-2.0.39\srclib\openssl]perl util\mkdef.pl 16 libeay
1>ms\libeay16.def

2002.07.17 21.49.05.07
[I:\httpd-2.0.39\srclib\openssl]perl util\mkdef.pl 32 libeay
1>ms\libeay32.def

2002.07.17 21.49.07.95
[I:\httpd-2.0.39\srclib\openssl]perl util\mkdef.pl 16 ssleay
1>ms\ssleay16.def

2002.07.17 21.49.10.64
[I:\httpd-2.0.39\srclib\openssl]perl util\mkdef.pl 32 ssleay
1>ms\ssleay32.def

2002.07.17 21.49.13.33
[I:\httpd-2.0.39\srclib\openssl]

- If you are using NASM then run:

> ms\do_nasm

- If you don't want to use the assembly language files at all then run:

> ms\do_ms

If you get errors about things not having numbers assigned then check
the troubleshooting section: you probably won't be able to compile it as
it stands.

Then from the VC++ environment at a prompt do:

> nmake -f ms\ntdll.mak

2002.07.17 21.49.13.33
[I:\httpd-2.0.39\srclib\openssl]nmake -f ms\ntdll.mak

Microsoft (R) Program Maintenance Utility Version 6.00.8168.0
Copyright (C) Microsoft Corp 1988-1998. All rights reserved.

' in macroak(239) : fatal error U1001: syntax error : illegal character '
Stop.

2002.07.17 21.50.09.96
[I:\httpd-2.0.39\srclib\openssl]nmake -f ms\ntdll.mak


in macroak(239) : fatal error U1001: syntax error : illegal character
- this is the error you get when you use the new cygwin perl...

....make certain older perl is ahead in path and start over...


2002.07.17 21.57.07.91
[I:\httpd-2.0.39\srclib\openssl]perl configure VC-WIN32
Configuring for VC-WIN32
IsWindows=1
CC =cl
CFLAG =-DTHREADS -DDSO_WIN32
EX_LIBS =
BN_ASM =bn_asm.o
DES_ENC =des_enc.o fcrypt_b.o
BF_ENC =bf_enc.o
CAST_ENC =c_enc.o
RC4_ENC =rc4_enc.o
RC5_ENC =rc5_enc.o
MD5_OBJ_ASM =
SHA1_OBJ_ASM =
RMD160_OBJ_ASM=
PROCESSOR =
RANLIB =true
PERL =perl
THIRTY_TWO_BIT mode
BN_LLONG mode
RC4_INDEX mode
RC4_CHUNK is undefined

Configured for VC-WIN32.

2002.07.17 21.57.54.71
[I:\httpd-2.0.39\srclib\openssl]

2002.07.17 21.57.54.71
[I:\httpd-2.0.39\srclib\openssl]ms\do_masm
Generating x86 for MASM assember
Bignum
DES
"crypt(3)"
Blowfish
CAST5
RC4
MD5
SHA1
RIPEMD160
RC5\32

2002.07.17 21.58.37.68
[I:\httpd-2.0.39\srclib\openssl]perl util\mkfiles.pl 1>MINFO

2002.07.17 21.58.37.86
[I:\httpd-2.0.39\srclib\openssl]rem perl util\mk1mf.pl VC-MSDOS no-sock
>ms\msdos.mak

2002.07.17 21.58.37.86
[I:\httpd-2.0.39\srclib\openssl]rem perl util\mk1mf.pl VC-W31-32 >ms\w31.mak

2002.07.17 21.58.37.86
[I:\httpd-2.0.39\srclib\openssl]perl util\mk1mf.pl dll VC-W31-32
1>ms\w31dll.mak

2002.07.17 21.58.38.10
[I:\httpd-2.0.39\srclib\openssl]perl util\mk1mf.pl VC-WIN32 1>ms\nt.mak

2002.07.17 21.58.38.34
[I:\httpd-2.0.39\srclib\openssl]perl util\mk1mf.pl dll VC-WIN32
1>ms\ntdll.mak

2002.07.17 21.58.38.58
[I:\httpd-2.0.39\srclib\openssl]perl util\mkdef.pl 16 libeay
1>ms\libeay16.def

2002.07.17 21.58.41.09
[I:\httpd-2.0.39\srclib\openssl]perl util\mkdef.pl 32 libeay
1>ms\libeay32.def

2002.07.17 21.58.43.69
[I:\httpd-2.0.39\srclib\openssl]perl util\mkdef.pl 16 ssleay
1>ms\ssleay16.def

2002.07.17 21.58.46.07
[I:\httpd-2.0.39\srclib\openssl]perl util\mkdef.pl 32 ssleay
1>ms\ssleay32.def

2002.07.17 21.58.48.42
[I:\httpd-2.0.39\srclib\openssl]


.... LONG BUILD ... make certain there are no errors .. the test


If all is well it should compile and you will have some DLLs and
executables
in out32dll. If you want to try the tests then do:

> cd out32dll
> ..\ms\test




(snip) lots of test results...


test sslv2/sslv3 with both client and server authentication via BIO pair
client authentication
server authentication
depth=2 /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
depth=1 /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
depth=0 /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512
bit)
depth=2 /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
depth=1 /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
depth=0 error=10 /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Client test
cert (512 bit)
depth=0 /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Client test cert (512
bit)
TLSv1, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 512 bit RSA
passed all tests

2002.07.17 22.11.14.32
[I:\httpd-2.0.39\srclib\openssl\out32dll]


7. Time to build Apache
8. cd ..\..\.. ?:\httpd-2.0.39\nmake /f Makefile.win PORT=80
INSTDIR="f:\Apache" installr

....an old copy of bison will cause a failure here...

(snip)

Creating library .\Release\mod_proxy_http.lib and object
..\Release\mod_proxy_http.exp
cd ..\..
cd modules\ssl
NMAKE -nologo -f mod_ssl.mak CFG="mod_ssl - Win32
Release" RECURSE=0 .\Release\mod_ssl.so
if not exist ".\Release/" mkdir ".\Release"
tempfile.bat
tempfile.bat
tempfile.bat
tempfile.bat
rc.exe /l 0x409 /fo".\Release\mod_ssl.res" /d "NDEBUG" .\mod_ssl.rc
cl.exe @I:\Temp\nma02896.
mod_ssl.c
ssl_engine_config.c
ssl_engine_dh.c
ssl_engine_init.c
ssl_engine_io.c
ssl_engine_kernel.c
ssl_engine_log.c
ssl_engine_mutex.c
ssl_engine_pphrase.c
ssl_engine_rand.c
ssl_engine_vars.c
ssl_expr.c
ssl_expr_eval.c
ssl_expr_parse.c
ssl_expr_scan.c
ssl_scache.c
ssl_scache_dbm.c
ssl_scache_shmcb.c
ssl_scache_shmht.c
ssl_util.c
Generating Code...
Compiling...
ssl_util_ssl.c
ssl_util_table.c
Generating Code...
link.exe @I:\Temp\nmb02896.
Creating library .\Release\mod_ssl.lib and object .\Release\mod_ssl.exp
cd ..\..
cd support
NMAKE -nologo -f abs.mak CFG="abs - Win32 Release"
RECURSE=0
if not exist ".\Release/" mkdir ".\Release"
cl.exe @I:\Temp\nma03668.
ab.c



(snip)



1 file(s) copied.
awk -f script.awk "docs/conf/ssl-std.conf" "f:\Apache" >
"f:\Apache\conf\ssl.default.conf"
if not exist "f:\Apache\conf\ssl.conf" copy
"f:\Apache\conf\ssl.default.conf" "f:\Apache\conf\ssl.conf"
1 file(s) copied.
awk -f script.awk "support/dbmmanage.in"
>"f:\Apache\bin\dbmmanage.pl"
del .a .y

2002.07.17 22.20.36.19
[I:\httpd-2.0.39]


bison, flex and awk are required ... they are in my cygwin, that I had
to update
or it would fail to build mod_ssl.so -- syntax error in dynamicall
generated c source - generated
by bison.


I now have an installed version ...

Still to be done.

httpd.conf must be tuned and certs made

If you get this far I will tell you how I continued, but it gets mucky
from here. I am not very certain about creating certs.


Chris.


____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org



____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org