Compiling Apache 2.2 with SNI on Ubuntu

From ZeePal Documentation

Contents 1 Prerequisites 2 Downloading OpenSSL and Apache2 Source Code 3 Enabling SNI in OpenSSL Source 4 Enabling SNI in Apache 2.2 5 Notes

Prerequisites

1. APT Packages: "zlib1g-dev" & "libssl-dev"
   • Installing APT Packages with WebMin
   • Installing APT Packages via Shell

Downloading OpenSSL and Apache2 Source Code

1. Login: To the Server
2. Run: "sudo apt-get source apache2 openssl"

Enabling SNI in OpenSSL Source

1. Change Directory: "./openssl-0.9.8g"
2. Run: "sudo ./config --prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib enable-tlsext no-sslv2"
3. Watch & Wait: For OpenSSL to be configured ready for compiling, Watch for errors and repair manually (You shouldn't continue if errors aren't repaired)
4. Run: "sudo make depend"
5. Watch & Wait: For OpenSSL's Dependancys to be Compiled, Watch for errors and repair manually (You shouldn't continue if errors aren't repaired)
6. Run: "sudo make"
7. Watch & Wait: For OpenSSL to be Compiled, Watch for errors and repair manually (You shouldn't continue if errors aren't repaired)
8. Run: "sudo make install"
9. Watch & Wait: For OpenSSL to be installed, Watch for errors and repair manually (You shouldn't continue if errors aren't repaired)

Enabling SNI in Apache 2.2

1. Save: File:Httpd-2.2.x-sni.patch on the server
   • Disclosure: I take no credit for work on the file above.
   • Reference: "https://sni.velox.ch/misc/httpd-2.2.x-sni.patch"
2. Run: "sudo patch --verbose -d apache2-2.2.11/modules/ssl/ -i httpd-2.2.x-sni.patch"
3. Watch: For errors and repair manually (You shouldn't continue if errors aren't repaired)
4. Change Directory: "./apache2-2.2.11"
5. Run: "sudo ./configure --enable-layout=Debian -enable-ssl=shared --enable-mods-shared=all --enable-deflate --with-program-name=apache2"
6. Watch & Wait: For Apache2 to be configured ready for compiling, Watch for errors and repair manually (You shouldn't continue if errors aren't repaired)
7. Run: "sudo make"
8. Watch & Wait: For Apache2 to be compiled, Watch for errors and repair manually (You shouldn't continue if errors aren't repaired)
9. Run: "sudo make install"
10. Watch & Wait: For Apache2 to be installed, Watch for errors and repair manually (You shouldn't continue if errors aren't repaired)
11. Save: "LoadModule log_config_module /usr/lib/apache2/modules/mod_log_config.so" in a new file called: "/etc/apache2/mods-available/log.conf"
12. Run: "do ln -s /etc/apache2/mods-available/log.conf /etc/apache2/mods-enabled/log.conf"
13. Edit: "/etc/apache2/apache2.conf"
    1. Add: "NameVirtualHost *:443" just before "Include /etc/apache2/sites-enabled/"
14. Run: "sudo /etc/init.d/apache2 stop"
15. Wait: For Apache 2.2 to stop
16. Run: "sudo /etc/init.d/apache2 start"
17. Watch & Wait: For Apache2 to be started, Watch for errors and repair manually (You shouldn't continue if errors aren't repaired)

Notes

May not need to recompile OpenSSL 0.9.8g as it seems it comes precompiled with "enable-tlsext".