My advice would be to install a completely new server from scratch and install it in a different directory to your current Redhat installed one.
All you need do once the new install is complete is kill the old server and restart the new one. Once happy with the new install you can edit your startup configuration so the new server is started on a reboot or restart. Your can then either copy or symbolically link back to the content from your original setup. This way if it all goes wrong you can immediately switch back to the previous server. As for instructions the INSTALL documents included with the Apache and Mod_SSL distros have a pretty good walk through procedure. You will ideally need to install (from source or RPM) the latest version of OpenSSL (at least 0.9.6e) before you start and then download the latest version of Apache and Mod_SSL from the main sites (http://httpd.apache.org/ and http://www.modssl.org/) Download the .... blaaaahh.tar.gz files .. Then issue the following command (in a suitable directory) to unpack them. gzip -d -c blaaaahh.tar.gz | tar xvf - The will then unpack the files into directories. Inside these your will find the instructions (start with README and INSTALL). Depending on how familar you are with scripting you can setup an install script to run the various configure and make command used to build the server from source. I use this to maintain the 6 Apache servers I run and can rebuild each one from source in about 8 minutes flat. To update servers at a later date simply do the following .... Download and rebuild new server issuing every command except the final "make install". Stop the current server. Renew current install directory (/usr/local/apache for example) to /usr/local/apache.bak ... then go back to the directory where your made the new server and issue the "make install" command. If your web content exists outside of the /usr/local/apache directory (which ideally it should), then all you need do now is copy the "httpd.conf" file into the new /usr/local/apache directory and restart the server. In case of an problems stop the server, rename the directory back, restart and you are back to where you started ... (easy once you've done it a few times !!!). Regards, Phil, Sheffield, England, UK. . ----- Original Message ----- From: "Dan Sabo" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, October 07, 2002 12:30 AM Subject: Installing mod_ssl > Hi Folks, > > mod_ssl newbie here. I'm running RH Linux 7.3 and apache 1.3.23. I have > been reading the archives and Kabir's book - "Red Hat Linux 7 Server", and > from what I understand, correct me if I'm wrong, is that in order to install > mod_ssl on my machine, I will have to start from scratch and re install and > compile a fresh copy of apache. Is this true? Or can I install mod_ssl on > an existing apache machine that has already been configured and set up with > e-commerce sites? > > If I can install mod_ssl on my machine without re compiling apache, can > anyone direct me to any step by step documentation as to how to install and > configure mod_ssl and secure sites/Thawte certificates on a Linux 7.x box > already set up with apache? > > Lastly, if it is possible to install mod_ssl on a server already configured > with apache with e-commerce sites already set up, are there any security > risks in installing mod_ssl on an already configured server? Is it > "better", to install mod_ssl on an empty server? Also I read somewhere that > this mod_ssl worm is a big problem. Is that true? Should I upgrade my > apache software to prevent such an attack, and if I do, will upgrading > apache cause any problems with my current set up of my sites? > > Thanks much > > Dan Sabo > > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
