CCL Home Page
Up Directory CCL READMET1S.txt
This is a log of my installation/Compilation of Apache DSO
with SSL, MM, Tomcat3.1 (source distribution) under Solaris 2.7
I had to use the source, since the 3.1 binary distribution has jserv
module compiled without EAPI.

This stuff if based on INSTALL file which comes with mod_ssl
and on the
  December 8, 1999
  Install instructions for Apache 1.3.9 with Tomcat 3.0
by Jason Hunter.  

If you are outside US, please look into INSTALL which comes
with mod_ssl, since you do not need RSAREF and can use more
robust code [your 8) and apache configure will be different].

2) Install Java 1.2 under Solaris if you do not have it.
   If you type
         java -version
   and it tells you that you have JDK 1.2, you are OK.
   If not you need to install. It is simple. You get a package
      a) click on Products & APIs
      b) choose JAVA 2 SDK, Standard Edition
      c) take: Java 2 SDK SolarisTM Production Release (J2SE)
         [I really wonder whu Sun constantly changes names. It is
         some ill-advised marketing ploy which unfortunately wastes
         a lot of time of other people]. You need:

      d) You need essentially all files. I placed them in /usr/local/java
           393617 Feb  2 09:56
            37347 Feb  2 09:56 1.2.1_04_Release-Notes.html
           274881 Feb  2 09:56 1.2.1_04_docs_sparc.tar.Z
         13287936 Feb  2 09:58 1.2.1_04_patches_sparc_5.5.1.tar
          4773888 Feb  2 09:58 1.2.1_04_patches_sparc_5.7.tar
            11592 Feb  2 09:58 README.sparc
         19826325 Feb  2 10:01 Solaris_JDK_1.2.1_04_sparc.bin

      e) Read the README.sparc and do what they say.
          i) chmod +x Solaris_JDK_1.2.1_04_sparc.bin
         ii) ./Solaris_JDK_1.2.1_04_sparc.bin
        iii) Move the old install directory of Java 2 (if exists):
                 mv /usr/java1.2 /usr/java1.2_previous

        iii) move the directory Solaris_JDK_1.2.1_04 just created to
             where you want it, and you better want it at /usr/java1.2
                mv Solaris_JDK_1.2.1_04 /usr/java1.2
         iv) Since my solaris is 2.7
               % uname -a
               SunOS heechee 5.7 Generic_106541-08 sun4u sparc SUNW,Ultra-250
             I used patches for it:
                tar xvf 1.2.1_04_patches_sparc_5.7.tar
             This created a directory ./5.7 with for tar.Z files in it
               284963 Oct 26 19:57 106980-05.tar.Z
              2660971 Oct 26 19:57 107078-10.tar.Z
              1308491 Oct 26 19:57 107607-01.tar.Z
               514653 Oct 26 19:57 107636-01.tar.Z
          v)  I unpacked each patch as:
                  gtar Zxvf 1xxxxxx-xx.tar.Z
              this creates a directory 1xxxxxx-xx for each patch
                  cd 1xxxxxx-xx
              and read  README.106980-05. Then run pkgadd
                    pkgadd -d . SUN*
               and answer yes.
      f) test if java installed corretly:

        java -version
        java version "1.2.1"
        Solaris VM (build Solaris_JDK_1.2.1_04, native threads, sunwjit)

4) Set your environment variables for Java (I am assuming you use
   some Bourne shell lookalike -- ksh or bash.
      export JAVA_HOME
      export PATH
      export CLASSPATH
5) Make top directory for Tomcat installation. I did
     /usr/local/apache_t3.1s but if you do some other, you
   need to remember to use it in the instructions below,
     mkdir /usr/local/apache_t3.1s
6) I also make a subdirectory sources to have all needed sources
   in one place. 
     mkdir /usr/local/apache_t3.1s/sources
     cd /usr/local/apache_t3.1s/sources
   place there tar files, and then unpack them as shown below:

  a) apache_1.3.11.tar.gz from
     gtar zxvf apache_1.3.11.tar.gz

  b) mod_ssl-2.5.0-1.3.11.tar.gz from
	gtar zxvf mod_ssl-2.5.0-1.3.11.tar.gz

  c) openssl-0.9.4.tar.gz from
     gtar zxvf openssl-0.9.4.tar.gz

  d) mm-1.0.12.tar.gz from
     gtar zxvf mm-1.0.12.tar.gz

  e) rsaref20.tar.Z -- it is no longer distributed, and I got it
     from my private museum. It is available from many places
     on the Web outside US. Search the Web FOR RSAREF 2.0.
       mkdir rsaref-2.0
       cd rsaref-2.0
       gtar Zxvf ../rsaref20.tar.Z
       cd ..

  f) tar.gz sources for tomcat 3.1 from
    jakarta-ant.tar.gz      23-Jan-2000 09:48   168k  
    jakarta-tomcat.tar.gz   23-Jan-2000 09:57   780k  
    jakarta-tools.tar.gz    23-Jan-2000 12:08   1.0M  
    jakarta-watchdog.tar.gz 23-Jan-2000 12:34   383k  

    I untarred them as:
        cd /usr/local/apache_t3.1s/sources
        gtar zxvf jakarta-ant.tar.gz
        gtar zxvf jakarta-tomcat.tar.gz
        gtar zxvf jakarta-tools.tar.gz
        gtar zxvf jakarta-watchdog.tar.gz

7) Compiled RSAREF library for openssl since we are in US and RSA has
   a patent, and we cannot use the decent implementation of crypto
   libraries. If you are in Europe, you can skip this thing.
     cd /usr/local/apache_t3.1s/sources/rsaref-2.0
     cp -rp install/unix local
     cd local
       edited makefile to have
         CC = gcc
	changed  all occurrances of cc --> $(CC)
       added -fPIC to CFLAGS
     mv rsaref.a librsaref.a

8) Compiled the openssl [if you are in Europe, you need to
   check the mod_ssl INSTALL not to include RSAREF]

   cd /usr/local/apache_t3.1s/sources/openssl-0.9.4
   sh config \
    -L/usr/local/apache_t3.1s/sources/rsaref-2.0/local/rsaref -fPIC
   make test

9) Compiled MM shared memory library
   cd /usr/local/apache_t3.1s/sources/mm-1.0.12
   ./configure --disable-shared
   cd ..

10) Configured  mod_ssl
   cd /usr/local/apache_t3.1s/sources/mod_ssl-2.5.0-1.3.11
   EAPI_MM=../mm-1.0.12 \
     ./configure \

11) Configure and make and install Apache with DSO support:
   cd /usr/local/apache_t3.1s/sources/apache_1.3.11
   SSL_BASE=/usr/local/apache_t3.1s/sources/openssl-0.9.4 \
   RSA_BASE=/usr/local/apache_t3.1s/sources/rsaref-2.0/local \
   EAPI_MM=/usr/local/apache_t3.1s/sources/mm-1.0.12 \
   ./configure --prefix=/usr/local/apache_t3.1s \
               --enable-module=so \
               --enable-rule=SHARED_CORE \
               --enable-module=most \
               --enable-shared=max \
               --enable-module=ssl \
   make certificate TYPE=custom
   make install

   My entries for certificates with 
          make certificate TYPE=custom
   were defaults, no passwords, and:
    STEP 0: R
    STEP 2:
     1. Country Name              [XY]:US
     2. State or Province Name    [Snake Desert]:Ohio
     3. Locality Name             [Snake Town]:Columbus
     4. Organization Name         [Snake Oil, Ltd]:OSC
     5. Organizational Unit Name  [Cer..Authority]:Gateway
     6. Common Name               [Snake Oil CA]
     7. Email Address             [ca@snakeoil.dom]
     8. Certificate Validity      [365]:1000

    STEP 3: 3
    STEP 5:
     1. Country Name              [XY]:US
     2. State or Province Name    [Snake Desert]:Ohio
     3. Locality Name             [Snake Town]:Columbus 
     4. Organization Name         [Snake Oil, Ltd]:OSC
     5. Organizational Unit Name  [Webserver Team]:PSE
     6. Common Name               [www.snakeoil.dom]
     7. Email Address             [www@snakeoil.dom]
     8. Certificate Validity      [365]:1001
    STEP 6: 3
    STEP 7:n
    STEP 8:n

12) edited a file in /usr/local/apache_t3.1s/conf/httpd.conf and
    added (actually uncommented):

13) Testing if Apache works:
    a) make sure other installation of apache is not running,
       or if it runs, it does not use port 80 and port 443.
       (do: ps -ef | grep httpd), and if httpd runs, kill it
       with its own apachectl script or just use (not recommended)
          killall httpd

    b) start apache with:
       /usr/local/apache_t3.1s/bin/apachectl startssl
       If you have warning, you have a problem, and try to
       do "exactly what I say" next time {:-)}.

    c) Use your browser (preferable on some other machine)
       and check if http: and https: work
       In my case, I tries URLs:
       In the https case you should get a lot of windows
       which ask you for accepting the certificate.
       Just click Next to see if you can go through to the

    d) Stop apache, since you are not finshed yet.
       /usr/local/apache_t3.1s/bin/apachectl stop

14) Compiled included in jakarta-tomcat zip archive.
    cd /usr/local/apache_t3.1s/sources
    cd jakarta-tomcat/src/native/apache/jserv
    /usr/local/apache_t3.1s/bin/apxs -c mod_jserv.c jserv*.c 
    cp /usr/local/apache_t3.1s/libexec

15) Building and installing tomcat

      cd /usr/local/apache_t3.1s/sources/jakarta-ant
      cd lib
      cp ../../jakarta-tools/ant.jar .
      cd ..
      chmod 755

      cd /usr/local/apache_t3.1s/sources/jakarta-tomcat
      chmod 755

16) Starting stand alone tomcat and testing:

      cd /usr/local/apache_t3.1s/sources/build/tomcat
    In my browser I called:
    and it gave me the Tomcat examples page. Examples worked, so I shut down.


17) Added tomcat.conf to httpd.conf by adding a line:
     Include /usr/local/apache_t3.1s/sources/build/tomcat/etc/tomcat.conf
    at the end of /usr/local/apache_t3.1s/conf/httpd.conf

18) Edited the apachectl in /usr/local/apache_t3.1s/bin
    and created apache-tomcat to start tomcat/apache
      a) At the beginning, just after "END CONFIGURATION SECTION" I added:

         export TOMCAT_HOME
         export JAVA_HOME
         export PATH

      b) under case startssl added 2 lines after: if $HTTPD -DSSL; then

           cd $TOMCAT_HOME

      c) under case stop added 2 lines after:  if kill $PID ; then

          cd $TOMCAT_HOME

      d) changed apache-tomcat to executable :
          chmod 755 /usr/local/apache_t3.1s/bin/apache-tomcat
      e) allow log writing for group nobody
         cd /usr/local/apache_t3.1s/logs
         chmod g+w *
         chgrp nobody *
         chmod g+rwx .
         chgrp nobody .

19) Started the apache/tomcat as:
       /usr/local/apache_t3.1s/bin/apache-tomcat startssl

    and checked if and worked. They did, so I killed the
    server with:
	/usr/local/apache_t3.1s/bin/apache-tomcat stop


Modified: Wed Feb 2 16:26:31 2000 GMT
Page accessed 12956 times since Tue Apr 18 18:01:17 2000 GMT