You actually have several options: 1. Use the mod_ssl, mm and apache package that come with the Red Hat Linux 7.3 system. These are out of date, but you can get the latest by registering with https://rhn.redhat.com. Some people don't like the fact that these are not the latest versions, merely "backported" to the latest fix. It doesn't bother me though. The latest openssl update from Red Hat prevents the "linux slapper" worm from infecting your systems.
2. Remove the apache, mm and mod_ssl rpm packages and recompiling them. In the second case, you have two options: 1. Compile against the openssl that comes with 7.3. In this case you'll need to install the openssl-devel rpm package. 2. Compile against the latest openssl files. In that case I believe you'd need to install the openssl binary into a directory other than /usr/bin (see http://www.openssl.org/support/faq.cgi#BUILD8). If I'm wrong on this hopefully someone will correct me, but I've always believed that you need the same version of openssl installed somewhere that you used to compile mod_ssl. There is always the option of creating RPMs from either of the above options. Don't remove the openssl package that comes with 7.3 though. You'll break several packages that come with 7.3 such as ssh, sendmail and nearly all the email programs. I used to compile apache and mod_ssl, but now I prefer to wait for the packages from Red Hat. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] Theories of evolution are like buses - there'll be another one along in a minute > -----Original Message----- > From: Dan Sabo [mailto:[EMAIL PROTECTED]] > Sent: 07 October 2002 00:31 > To: [EMAIL PROTECTED] > Subject: Installing mod_ssl > > > Hi Folks, > > mod_ssl newbie here. I'm running RH Linux 7.3 and apache > 1.3.23. I have > been reading the archives and Kabir's book - "Red Hat Linux 7 > Server", and > from what I understand, correct me if I'm wrong, is that in > order to install > mod_ssl on my machine, I will have to start from scratch and > re install and > compile a fresh copy of apache. Is this true? Or can I > install mod_ssl on > an existing apache machine that has already been configured > and set up with > e-commerce sites? > > If I can install mod_ssl on my machine without re compiling > apache, can > anyone direct me to any step by step documentation as to how > to install and > configure mod_ssl and secure sites/Thawte certificates on a > Linux 7.x box > already set up with apache? > > Lastly, if it is possible to install mod_ssl on a server > already configured > with apache with e-commerce sites already set up, are there > any security > risks in installing mod_ssl on an already configured server? Is it > "better", to install mod_ssl on an empty server? Also I read > somewhere that > this mod_ssl worm is a big problem. Is that true? Should I > upgrade my > apache software to prevent such an attack, and if I do, will upgrading > apache cause any problems with my current set up of my sites? > > Thanks much > > Dan Sabo > > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > - NOTICE: The information contained in this email and any attachments is confidential and may be legally privileged. If you are not the intended recipient you are hereby notified that you must not use, disclose, distribute, copy, print or rely on this email's content. If you are not the intended recipient, please notify the sender immediately and then delete the email and any attachments from your system. RNIB has made strenuous efforts to ensure that emails and any attachments generated by its staff are free from viruses. However, it cannot accept any responsibility for any viruses which are transmitted. We therefore recommend you scan all attachments. Please note that the statements and views expressed in this email and any attachments are those of the author and do not necessarily represent those of RNIB. RNIB Registered Charity Number: 226227 Website: http://www.rnib.org.uk ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
