Installing Apache with mod_ssl


Installing Apache or any other web service can open up your system to unwanted intrusions by others. Before you install Apache, make sure you know what to expect and how to set up your security. See our Disclaimer. If you are already running Apache, back up your current installation and files before installing these packages. There are a lot of ways to set up Apache. If this method does not meet your needs, compiling from sources after carefully reading detailed documentation is your best solution.

Quick Install

If you want to just get started and do not care about the details of what I did to create the Apache with mod_ssl package, you can do the following to install Apache:

Download (I will illustrate for Solaris 8 on SPARC):

apache-1.3.27-sol8-sparc-local.gz
openssl-0.9.6i-sol8-sparc-local.gz

Run

gunzip apache-1.3.27-sol8-sparc-local.gz
gunzip openssl-0.9.6i-sol8-sparc-local.gz

and then, as root, run

pkgadd -d apache-1.3.27-sol8-sparc-local
pkgadd -d openssl-0.9.6i-sol8-sparc-local

This assumes you have not installed openssl-0.9.6i before.

If you do install openssl, you will need to read the appropriate link in the OpenSSH instructions, which contains instructions on what software is needed to generate the random numbers openssl requires.

Put the directories, /usr/local/apache/bin and /usr/local/ssl/bin in your PATH. Put /usr/local/ssl/lib in your LD_LIBRARY_PATH.

Now go to /usr/local/apache/conf and edit the httpd.conf file to fit your local needs. I suggest you read the files in the conf directory carefully along with some Apache documentation to help you do the configuration. Further, if you are going to use the mod_ssl, you will have to do some further configuration. Any good book on Apache should have a discussion of this. If you do not need mod_ssl, you can edit httpd.conf to comment out the lines related to ssl.

Once you have the configuration the way you want it, you can run

/usr/local/apache/bin/apachectl start

to start your server. Then you can test your installation and configuration to see if it is doing what you need. You will probably want to add a startup script to start your server during a reboot.

Detailed Discussion

On this page, I will discuss how I built the apache-1.3.27 package and added the mod_ssl-2.8.12-1.3.27 module to it. Apache is one of those programs that is used a great deal and configured in a lot of different ways. I am using this apache on my web servers and it appears to be working for me. I cannot provide much more than very basic installation and configuration steps. Beyond that, I strongly urge that you go to the following sites and study the information there, read the documentation in the /usr/local/apache/doc/apache directory, and get an Apache book, of which there are a number of good ones. Furthermore, if you are very concerned about security or expect to have a lot of hits on your site, then you might want to consider compiling your own software to fit your local needs, with the steps below as a very elementary guide. As time goes on, I will be adding more modules that may be of use.

The Main Apache Site

The Main mod_ssl Site

The OpenSSL Site

Here are the steps I used to create the apache with mod_ssl packages and how they should be installed. If you are already an Apache expert, you may find these instructions trivial or you may wish to recompile to set up your own preferences.

Step One:

Downloaded the following files:

apache_1.3.27.tar.gz

mod_ssl-2.8.12-1.3.27.tar.gz

openssl-0.9.6i.tar.gz

Step Two:

Openssl is used by mod_ssl and needs to be installed first. This package was created on sunfreeware.com initially for use with the openssh package. You may need to install entropy gathering software like prngd or the random patch to use openssl. Go to the OpenSSH Installation Instructions for details on entropy gathering. You do not have to install openssh to use mod_ssl. If you already have openssl-0.9.6i installed, you do not have to redownload it, but you will still need the sources.

If you are not going to compile your own programs, you do not need to download the sources, just the packages I have created. The package is installed via (I will talk about SPARC/Solaris 8 in this illustration):

gunzip openssl-0.9.6i-sol8-sparc-local.gz

pkgadd -d openssl-0.9.6i-sol8-sparc-local

as root. The openssl files go into /usr/local/ssl. You should probably put /usr/local/ssl/bin into your PATH environment variable and /usr/local/ssl/lib into LD_LIBRARY_PATH.

Step Three:

To create the apache package, I did, in the directory where I put the sources,

gunzip apache_1.3.27.tar.gz (called apache-1.3.27.tar.gz on sunfreeware.com)
tar xvf apache_1.3.27.tar
gunzip mod_ssl-2.8.12-1.3.27.tar.gz
tar xvf mod_ssl-2.8.12-1.3.27.tar

gunzip openssl-0.9.6i.tar.gz
tar xvf openssl-0.9.6i.tar

Step Four:

There is a so-called EAPI patch that the mod_ssl software needs to apply to apache. Run the following:

cd mod_ssl-2.8.12-1.3.27
./configure --with-apache=../apache_1.3.27 --with-eapi-only

Step Five:

Now go to the apache source directory with

cd ../apache_1.3.27

and do

./configure --prefix=/usr/local/apache --enable-module=all --enable-shared=max --enable-rule=EAPI --with-layout=Apache
make
make install

This will put the files in /usr/local/apache.

Step Six:

Now we compile the mod_ssl software with

cd ../mod_ssl-2.8.12-1.3.27

and run

./configure --with-ssl=../openssl-0.9.6i --with-apxs=/usr/local/apache/bin/apxs
make
make install

There are further steps to make certificates and generally set up your ssl systems. This will require that you read the mod_ssl documentation, perhaps read a book on Apache, or ask some experts. Remember that openssl and your random number generation must be set up and working also.

Step Seven:

Apache requires configuration before you start it. The configuration files are in the /usr/local/apache/conf directory. You should read all of the files in this directory. httpd.conf is the main file to edit first. Some of the key lines in httpd.conf that you may need to change are

Port 8080
#ServerAdmin
#ServerName
DocumentRoot "/usr/local/apache/htdocs"

uncommenting the # lines above, of course.

You might also want to comment out some of the LoadModule and AddModule lines like, for example,

LoadModule ssl_module libexec/libssl.so
AddModule mod_ssl.c

if you don't need the mod_ssl module. Again, documentation and web sites can help you figure out your best configuration.
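An added example, not part of the original instructions: a POSIX shell check that reports whether the httpd.conf lines listed above are active and whether the two mod_ssl lines are in the same state. The function names, the output wording, and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the httpd.conf lines named in Step Seven.
# Function names and messages are illustrative, not from the Apache package.

# Print the argument of the first active (uncommented) DIRECTIVE in FILE.
conf_value() {
    sed -n "s/^[[:space:]]*$2[[:space:]][[:space:]]*//p" "$1" | sed 1q
}

# Print "on" if FILE has an active line starting with PATTERN, else "off".
line_state() {
    if grep "^[[:space:]]*$2" "$1" >/dev/null 2>&1; then echo on; else echo off; fi
}

# Print one line per directive checked; return 0 only when nothing needs fixing.
audit_httpd_conf() {
    conf=$1 rc=0
    for d in Port ServerAdmin ServerName DocumentRoot; do
        v=$(conf_value "$conf" "$d")
        if [ -z "$v" ]; then
            echo "UNSET $d: no active line, still commented out?"
            rc=1
        else
            echo "OK $d = $v"
        fi
    done
    # The page comments these two lines out together; flag one without the other.
    load=$(line_state "$conf" 'LoadModule[[:space:]][[:space:]]*ssl_module')
    add=$(line_state "$conf" 'AddModule[[:space:]][[:space:]]*mod_ssl\.c')
    if [ "$load" != "$add" ]; then
        echo "MISMATCH mod_ssl: LoadModule is $load but AddModule is $add"
        rc=1
    else
        echo "OK mod_ssl is $load"
    fi
    return $rc
}

# Constructed sample: the page's key lines, with only AddModule commented out.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Port 8080
#ServerAdmin
#ServerName
DocumentRoot "/usr/local/apache/htdocs"
LoadModule ssl_module libexec/libssl.so
#AddModule mod_ssl.c
EOF
audit_httpd_conf "$sample" || echo "fix the lines above before apachectl start"
rm -f "$sample"
```

To check a real installation, call audit_httpd_conf /usr/local/apache/conf/httpd.conf instead of the sample.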

Step Eight:

You can now start the server with

/usr/local/apache/bin/apachectl start

(/usr/local/apache/bin/apachectl stop stops the server) as root. You may need to put /usr/local/apache/bin and other directories in your root's PATH or LD_LIBRARY_PATH.

You may get error messages if there are configuration problems.

If you want the server to start automatically when you start up your system, you can add scripts to /etc/init.d and /etc/rc2.d to do this.
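One way to write the startup script mentioned above, as an added example that is not the package's own script: it runs apachectl configtest first, so a broken httpd.conf is reported instead of producing a failed start at boot. The file name /etc/init.d/apache, the rc2.d link name, and the apache_rc function are assumptions.

```shell
#!/bin/sh
# Added example: body for an init script, e.g. /etc/init.d/apache (assumed name).
# Assumed link so it runs at boot:  ln /etc/init.d/apache /etc/rc2.d/S85apache
# Paths are the ones the page installs to; APACHECTL can be overridden for testing.
APACHECTL=${APACHECTL:-/usr/local/apache/bin/apachectl}

# mod_ssl needs the OpenSSL libraries the page installs under /usr/local/ssl.
LD_LIBRARY_PATH=/usr/local/ssl/lib${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}
export LD_LIBRARY_PATH

apache_rc() {
    case "$1" in
    start)
        if [ ! -x "$APACHECTL" ]; then
            echo "$APACHECTL not found or not executable"
            return 1
        fi
        # Check httpd.conf syntax first; do not start on a broken configuration.
        "$APACHECTL" configtest || return 1
        "$APACHECTL" start
        ;;
    stop)
        "$APACHECTL" stop
        ;;
    *)
        echo "Usage: $0 {start|stop}"
        return 1
        ;;
    esac
}

# init passes "start" or "stop"; with no argument the script only defines apache_rc.
[ $# -eq 0 ] || apache_rc "$1"
```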

Step Nine:

You can now open a browser and attempt to contact your server with a URL like http://localhost:80 or similar or go to another machine and try to get to your server from there. You will have to put web documents in your DocumentRoot directory to test in more detail.

You can also add any more modules like php, mod_perl, etc. if you intend to offer more complicated services.

I am open to constructive comments or suggestions on this Apache information and on the packages I offer.

Contact Information.



© Copyright 2011 Steven M. Christensen and Associates, Inc.
This page was last updated on September 26, 2010.