Hi guys;

Apache 1.3.37
OpenSSL 0.9.8d

I get this >>

Starting httpd: Syntax error on line 1287 of /usr/local/apache/conf/
httpd.conf:
Invalid command 'SSLEngine', perhaps mis-spelled or defined by a
module not included in the server configuration

So I include libssl and then I get this >>

Starting httpd: Syntax error on line 276 of /usr/local/apache/conf/
httpd.conf:
module ssl_module is built-in and can't be loaded

Even if I don't compile ssl in and load libssl.so, I get that first
SSLEngine error.... it's nuts, what gives?

Can someone PLEASE shed some light on this? I've spent waaaaay too
long on sorting this out.

Cheers.

On 2007-02-09, jcrane@froggy.com.au <jcrane@froggy.com.au> wrote:
> Apache 1.3.37
> OpenSSL 0.9.8d

Apache 1.3 didn't came with SSL support on his own (if I remember
correctly), so you have to recompile it to get it.

> Starting httpd: Syntax error on line 1287 of /usr/local/apache/conf/
> httpd.conf: Invalid command 'SSLEngine'

It seems to me that your apache does not support SSL.

> module ssl_module is built-in and can't be loaded

what does httpd -l return in this case?

how did you 'compiled' apache?

Davide

--
Take note of the toes you step on today as they may be connected
to the ass you have to kick tomorrow.
--Ben

Hi;

Don't know what happened to my last post, but here it is again.

> Apache 1.3 didn't came with SSL support on his own (if I remember
> correctly), so you have to recompile it to get it.

I thought I'd been doing this, see below..

> > Starting httpd: Syntax error on line 1287 of /usr/local/apache/conf/
> > httpd.conf: Invalid command 'SSLEngine'
>
> It seems to me that your apache does not support SSL.

That's what I thought, so when I load it in the conf I get the
following.

> > module ssl_module is built-in and can't be loaded

So apache.. is it in or is it not?!

> what does httpd -l return in this case?

Compiled-in modules:
http_core.c
mod_env.c
mod_log_config.c
mod_mime.c
mod_negotiation.c
mod_status.c
mod_include.c
mod_autoindex.c
mod_dir.c
mod_cgi.c
mod_asis.c
mod_imap.c
mod_actions.c
mod_userdir.c
mod_alias.c
mod_access.c
mod_auth.c
mod_so.c
mod_setenvif.c
mod_ssl.c
suexec: disabled; invalid wrapper /usr/local/apache/bin/suexec

ldd /usr/sbin/httpd
libm.so.6 => /lib/i686/libm.so.6 (0x40031000)
libcrypt.so.1 => /lib/libcrypt.so.1 (0x40054000)
!! libssl.so.0.9.8 => /usr/lib/libssl.so.0.9.8 (0x40081000)
!! libcrypto.so.0.9.8 => /lib/libcrypto.so.0.9.8 (0x4019a000)
libexpat.so.0 => /usr/lib/libexpat.so.0 (0x402c2000)
libdl.so.2 => /lib/libdl.so.2 (0x402df000)
libc.so.6 => /lib/i686/libc.so.6 (0x402e4000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)

> how did you 'compiled' apache?

I've tried numerous ways, 2 examples are as follows:

1> using mod_ssl

- mod_ssl-2.8.28-1.3.37> './configure' '--with-apache=../
apache_1.3.37' '--with-ssl=../openssl-0.9.8d' '--prefix=/usr/local/
apache' '--enable-module=so'
- apache_1.3.37> make & make install

2> remembering my /usr/local/ssl (default path) = openssl-0.9.8d, I've
also tried an explicit path declaration here as well.

- apache_1.3.37> './configure' '--enable-module=access' '--enable-
module=actions' '--enable-module=alias' '--enable-module=asis' '--
enable-module=auth_anon' '--enable-module=auth_dbm' '--enable-
module=auth_db' '--enable-module=auth_digest' '--enable-module=auth'
'--enable-module=autoindex' '--enable-module=cern_meta' '--enable-
module=cgi' '--enable-module=define' '--enable-module=digest' '--
enable-module=dir' '--enable-module=env' '--enable-module=example' '--
enable-module=expires' '--enable-module=headers' '--enable-
module=imap' '--enable-module=include' '--enable-module=info' '--
enable-module=log_agent' '--enable-module=log_config' '--enable-
module=log_forensic' '--enable-module=log_referer' '--enable-
module=mime_magic' '--enable-module=mime' '--enable-
module=mmap_static' '--enable-module=negotiation' '--enable-
module=proxy' '--enable-module=rewrite' '--enable-module=setenvif' '--
enable-module=so' '--enable-module=speling' '--enable-module=status'
'--enable-module=unique_id' '--enable-module=userdir' '--enable-
module=usertrack' '--enable-module=vhost_alias' '--enable-module=ssl'
- apache_1.3.37> make & make install

One way or another, I get back to this Invalid Command 'SSLEngine'
error.

I don't really understand what mod_ssl is for exactly when I can
include openssl directly in with an apache configure (as above).

Why would I have to use the mod_ssl configure at all?
Is it the ONLY way to get openssl up and running in apache?
Also, if httpd links to the correct versions of libssl.so and
libcrypto.so, does that not mean mod_ssl has been included correctly
or should I be looking for something else?

Cheers, Josh.

On 2007-02-09, jcrane@froggy.com.au <jcrane@froggy.com.au> wrote:
>> what does httpd -l return in this case?
>
> Compiled-in modules:
> http_core.c
<snip>
> mod_ssl.c

The mod_ssl is compiled built-in and you don't need the LoadModule
directive, if your apache still complaints about the SSL directives
maybe the compilation failed or for some reasons the libssl used is
broken.

>> how did you 'compiled' apache?
>
> I've tried numerous ways, 2 examples are as follows:
> 1> using mod_ssl
> 2> remembering my /usr/local/ssl (default path) = openssl-0.9.8d, I've
> also tried an explicit path declaration here as well.
>
> One way or another, I get back to this Invalid Command 'SSLEngine'
> error.

The only thing I can think of is that your ssl (openssl or modssl)
installation doesn't have all the libraries. I'd start by re-installing
openssl and modssl.

> Why would I have to use the mod_ssl configure at all?
> Is it the ONLY way to get openssl up and running in apache?

I always used the standard apache configuration procedure, so compile
first openssl and then use apache compile options to turn on ssl. Never
had a problem with it.

> does that not mean mod_ssl has been included correctly

Seems so. But evidently Apache has different ideas.

Davide

--
Linux - It is now safe to turn on your computer.
-- From a Slashdot.org post