Index: openacs-4/packages/acs-core-docs/www/install-nsopenssl.html =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-core-docs/www/install-nsopenssl.html,v diff -u -r1.18 -r1.18.2.1 --- openacs-4/packages/acs-core-docs/www/install-nsopenssl.html 16 Feb 2005 00:21:02 -0000 1.18 +++ openacs-4/packages/acs-core-docs/www/install-nsopenssl.html 26 Aug 2005 00:02:30 -0000 1.18.2.1 @@ -1,31 +1,59 @@ -Install nsopenssl

Install nsopenssl

By Joel Aufrecht and Malte Sussdorff

+Install nsopenssl

Install nsopenssl

By Joel Aufrecht and Malte Sussdorff

OpenACS docs are written by the named authors, and may be edited by OpenACS documentation staff.

This AOLserver module is required if you want people to connect to your site via https. These commands compile nsopenssl and install it, along with a tcl helper script to handle https connections. You will also need ssl certificates. Because those should be different for each server service, you won't need those instructions until - later.

Install on AOLserver4

You will need the AOLserver4 source in /usr/local/src/aolserver/aolserver and OpenSSL installed in /usr/local/ssl (or at least symlinked there).

FreeBSD note: build openssl with gmake install OPENSSL=/usr/local/openssl INST=/usr/local/aolserver -

[root bin]# cd /usr/local/src/aolserver
-[root aolserver]# cvs -d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/aolserver login
-[root aolserver]# cvs -d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/aolserver co nsopenssl
-[root aolserver]# cd nsopenssl
-[root nsopenssl]# make OPENSSL=/usr/local/ssl
+      later. 

Install on AOLserver3

You will need the unpacked Aolserver tarball in + /usr/local/src/aolserver and + the nsopenssl tarball in + /tmp.

Red Hat 9 note: see this + thread for details on compiling nsopenssl.)

[root bin]# cd /usr/local/src/aolserver
+[root aolserver]# wget --passive http://www.scottg.net/download/nsopenssl-2.1.tar.gz
+[root aolserver]# tar xzf nsopenssl-2.1.tar.gz 
+[root aolserver]# cd nsopenssl-2.1
+[root nsopenssl-2.1]# make OPENSSL=/usr/local/ssl
+gcc -I/usr/local/ssl/include -I../aolserver/include -D_REENTRANT=1 -DNDEBUG=1 -g -fPIC -Wall -Wno-unused -mcpu=i686 -DHAVE_CMMSG=1 -DUSE_FIONREAD=1 -DHAVE_COND_EINTR=1   -c -o nsopenssl.o nsopenssl.c
+(many lines omitted)
+gcc -shared -nostartfiles -o nsopenssl.so nsopenssl.o config.o init.o ssl.o thread.o tclcmds.o -L/usr/local/ssl/lib -lssl -lcrypto
+[root nsopenssl-2.1]# cp nsopenssl.so /usr/local/aolserver/bin
+[root nsopenssl-2.1]# cp https.tcl /usr/local/aolserver/modules/tcl/
+[root nsopenssl-2.1]#
+cd /usr/local/src/aolserver
+wget --passive http://www.scottg.net/download/nsopenssl-2.1.tar.gz
+tar xzf nsopenssl-2.1.tar.gz 
+cd nsopenssl-2.1 
+make OPENSSL=/usr/local/ssl 
+cp nsopenssl.so /usr/local/aolserver/bin 
+cp https.tcl /usr/local/aolserver/modules/tcl/

For Debian (more + information):

apt-get install libssl-dev
+cd /usr/local/src/aolserver
+tar xzf /tmp/nsopenssl-2.1.tar.gz
+cd nsopenssl-2.1
+make OPENSSL=/usr/lib/ssl
+cp nsopenssl.so /usr/local/aolserver/bin
+cp https.tcl /usr/local/aolserver/modules/tcl/

Install on AOLserver4

You will need the AOLserver4 source in /usr/local/src/aolserver/aolserver and OpenSSL installed in /usr/local/ssl (or at least symlinked there). The use of INST=/point/to/aolserver is being replaced with AOLSERVER=/point/to/aolserver. We are including both here, because while this module still requires INST, if one just uses AOLSERVER, the default value would be used and could intefere with another existing installation.

FreeBSD note: build nsopenssl with gmake install OPENSSL=/usr/local/openssl AOLSERVER=/usr/local/aolserver4r10 +

[root bin]# cd /usr/local/src/aolserver
+[root aolserver]# cvs -d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/aolserver login
+[root aolserver]# cvs -d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/aolserver co nsopenssl
+[root aolserver]# cd nsopenssl
+[root nsopenssl]# make OPENSSL=/usr/local/ssl
 gcc -I/usr/local/ssl/include (many items omitted)  -c -o sslcontext.o sslcontext.c
 (many lines omitted)
-[root nsopenssl-2.1]# make install OPENSSL=/usr/local/ssl INST=/usr/local/aolserver40r9
+[root nsopenssl-2.1]# make install OPENSSL=/usr/local/ssl AOLSERVER=/usr/local/aolserver4r10 INST=/usr/local/aolserver4r10
 [root nsopenssl-2.1]#
 cd /usr/local/src/aolserver
 cvs -d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/aolserver login
 cvs -d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/aolserver co nsopenssl
 cd nsopenssl
 make OPENSSL=/usr/local/ssl 
-make install OPENSSL=/usr/local/ssl INST=/usr/local/aolserver40r9

If you have problems starting your server with nsopenssl.so due to missing libssl.so.0.9.7 (or lower), you have to create symlinks +make install OPENSSL=/usr/local/ssl AOLSERVER=/usr/local/aolserver AOLSERVER=/usr/local/aolserver4r10

If you have problems starting your server with nsopenssl.so due to missing libssl.so.0.9.7 (or lower), you have to create symlinks

-[root nsopenssl]# cd /usr/local/aolserver/lib
-[root lib]# ln -s /usr/local/ssl/lib/libssl.so.0.9.7 libssl.so.0.9.7
-[root lib]# ln -s /usr/local/ssl/lib/libcrypto.so.0.9.7 libcrypto.so.0.9.7
+[root nsopenssl]# cd /usr/local/aolserver/lib
+[root lib]# ln -s /usr/local/ssl/lib/libssl.so.0.9.7 libssl.so.0.9.7
+[root lib]# ln -s /usr/local/ssl/lib/libcrypto.so.0.9.7 libcrypto.so.0.9.7
 [root lib]#
 cd /usr/local/aolserver/lib
 ln -s /usr/local/ssl/lib/libssl.so.0.9.7 libssl.so.0.9.7
@@ -35,39 +63,11 @@
 

SSL support must be enabled seperately in each OpenACS server (Generate ssl certificates.

If your ports for SSL are privileged (below 1024), you will have to start AOLserver with prebinds for both your HTTP - and your HTTPS port (usually by adding -b - your_ip:your_http_port,your_ip:your_https_port + and your HTTPS port (usually by adding -b + your_ip:your_http_port,your_ip:your_https_port to the nsd call. If you are using daemontools, this can be - changed in your etc/daemontools/run - file).

To enable SSL support in your server, make sure your + changed in your etc/daemontools/run + file).

To enable SSL support in your server, make sure your etc/config.tcl file has a section on "OpenSSL 3 with AOLserver4". If that section is not present, try looking at the README file in - /usr/local/src/aolserver/nsopenssl.

Install on AOLserver3

You will need the unpacked Aolserver tarball in - /usr/local/src/aolserver and - the nsopenssl tarball in - /var/tmp.

Red Hat 9 note: see this - thread for details on compiling nsopenssl.)

[root bin]# cd /usr/local/src/aolserver
-[root aolserver]# wget --passive http://www.scottg.net/download/nsopenssl-2.1.tar.gz
-[root aolserver]# tar xzf nsopenssl-2.1.tar.gz 
-[root aolserver]# cd nsopenssl-2.1
-[root nsopenssl-2.1]# make OPENSSL=/usr/local/ssl
-gcc -I/usr/local/ssl/include -I../aolserver/include -D_REENTRANT=1 -DNDEBUG=1 -g -fPIC -Wall -Wno-unused -mcpu=i686 -DHAVE_CMMSG=1 -DUSE_FIONREAD=1 -DHAVE_COND_EINTR=1   -c -o nsopenssl.o nsopenssl.c
-(many lines omitted)
-gcc -shared -nostartfiles -o nsopenssl.so nsopenssl.o config.o init.o ssl.o thread.o tclcmds.o -L/usr/local/ssl/lib -lssl -lcrypto
-[root nsopenssl-2.1]# cp nsopenssl.so /usr/local/aolserver/bin
-[root nsopenssl-2.1]# cp https.tcl /usr/local/aolserver/modules/tcl/
-[root nsopenssl-2.1]#
-cd /usr/local/src/aolserver
-wget --passive http://www.scottg.net/download/nsopenssl-2.1.tar.gz
-tar xzf nsopenssl-2.1.tar.gz 
-cd nsopenssl-2.1 
-make OPENSSL=/usr/local/ssl 
-cp nsopenssl.so /usr/local/aolserver/bin 
-cp https.tcl /usr/local/aolserver/modules/tcl/

For Debian (more - information):

apt-get install libssl-dev
-cd /usr/local/src/aolserver
-tar xzf /var/tmp/nsopenssl-2.1.tar.gz
-cd nsopenssl-2.1
-make OPENSSL=/usr/lib/ssl
-cp nsopenssl.so /usr/local/aolserver/bin
-cp https.tcl /usr/local/aolserver/modules/tcl/
View comments on this page at openacs.org
+ /usr/local/src/aolserver/nsopenssl.

View comments on this page at openacs.org