FAQ
Hello,

Can anyone point me to some step-by-step directions on how to build apache 2.2.17 with openldap.... I am on Red Hat 4 2.6.9-89.35.1.ELsmp

Do I need to install openldap?


I tried to build apache as below.

./configure --prefix=/usr/local/apache2 --with-ssl=/u01/fipsssl
--enable-ssl -with-ldap --enable-ssl --enable-authnz-ldap --enable-ldap
--with-mpm=prefork


mod_ssl/2.2.17 compiled against Server: Apache/2.2.17, Library: OpenSSL/0.9.8r-fips

Everything
works fine, except when I go to do ldap authentication. The browser
pops up a username/password window, I enter my username/password and
then hit submit.... I get back "Internet
Explorer cannot display the webpage" and in the error log I see the
below segmentation fault.... but if I turn of ldap it works fine...:

Thu Mar 17 14:47:04 2011] [info] [client 129.6.84.222] Connection to child 2 established (server acctnew.nist.gov:7100)
[Thu Mar 17 14:47:04 2011] [info] Seeding PRNG with 136 bytes of entropy
[Thu Mar 17 14:47:04 2011] [info] Initial (No.1) HTTPS request received for child 2 (server acctnew.nist.gov:7100)
[Thu
Mar 17 14:47:04 2011] [info] [client 129.6.84.222] Connection closed to
child 2 with unclean shutdown (server acctnew.nist.gov:7100)
[Thu Mar 17 14:47:10 2011] [info] [client 129.6.84.222] Connection to child 3 established (server acctnew.nist.gov:7100)
[Thu Mar 17 14:47:10 2011] [info] Seeding PRNG with 136 bytes of entropy
[Thu Mar 17 14:47:10 2011] [info] Initial (No.1) HTTPS request received for child 3 (server acctnew.nist.gov:7100)
[Thu Mar 17 14:47:11 2011] [notice] child pid 25625 exit signal Segmentation fault (11)

Thank you for any help!
Sam

Search Discussions

  • Jeff Trawick at Mar 18, 2011 at 1:52 pm

    On Fri, Mar 18, 2011 at 9:29 AM, Sam Theman wrote:
    Hello,

    Can anyone point me to some step-by-step directions on how to build apache
    2.2.17 with openldap.... I am on Red Hat 4  2.6.9-89.35.1.ELsmp

    Do I need to install openldap?
    your build apparently found the system OpenLDAP

    my guess: you are using ldaps, and you need to build OpenLDAP yourself
    using your special OpenSSL build (the one used by mod_ssl)

    I tried to build apache as below.

    ./configure --prefix=/usr/local/apache2 --with-ssl=/u01/fipsssl --enable-ssl
    -with-ldap --enable-ssl --enable-authnz-ldap --enable-ldap
    --with-mpm=prefork

    mod_ssl/2.2.17 compiled against Server: Apache/2.2.17, Library:
    OpenSSL/0.9.8r-fips

    Everything works fine, except when I go to do ldap authentication. The
    browser pops up a username/password window, I enter my username/password and
    then hit submit.... I get back "Internet Explorer cannot display the
    webpage" and in the error log I see the below segmentation fault.... but if
    I turn of ldap it works fine...:

    Thu Mar 17 14:47:04 2011] [info] [client 129.6.84.222] Connection to child 2
    established (server acctnew.nist.gov:7100)
    [Thu Mar 17 14:47:04 2011] [info] Seeding PRNG with 136 bytes of entropy
    [Thu Mar 17 14:47:04 2011] [info] Initial (No.1) HTTPS request received for
    child 2 (server acctnew.nist.gov:7100)
    [Thu Mar 17 14:47:04 2011] [info] [client 129.6.84.222] Connection closed to
    child 2 with unclean shutdown (server acctnew.nist.gov:7100)
    [Thu Mar 17 14:47:10 2011] [info] [client 129.6.84.222] Connection to child
    3 established (server acctnew.nist.gov:7100)
    [Thu Mar 17 14:47:10 2011] [info] Seeding PRNG with 136 bytes of entropy
    [Thu Mar 17 14:47:10 2011] [info] Initial (No.1) HTTPS request received for
    child 3 (server acctnew.nist.gov:7100)
    [Thu Mar 17 14:47:11 2011] [notice] child pid 25625 exit signal Segmentation
    fault (11)

    Thank you for any help!
    Sam


    --
    Born in Roswell... married an alien...

    ---------------------------------------------------------------------
    The official User-To-User support forum of the Apache HTTP Server Project.
    See <URL:http://httpd.apache.org/userslist.html> for more info.
    To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
    " from the digest: users-digest-unsubscribe@httpd.apache.org
    For additional commands, e-mail: users-help@httpd.apache.org
  • Sam Theman at Mar 18, 2011 at 3:18 pm
    ....but after I build openldap with the special openssl, how do I point apache to use it rather than the system openssl?


    Thanks, I think you are right, I tried non-ssl ldap bind, and it worked fine....

    Date: Fri, 18 Mar 2011 09:52:10 -0400
    From: trawick@gmail.com
    To: users@httpd.apache.org
    CC: xray316@hotmail.com
    Subject: Re: [users@httpd] Where are the step-by-step instructions for building apache 2.2.17 with LDAP authentication?
    On Fri, Mar 18, 2011 at 9:29 AM, Sam Theman wrote:
    Hello,

    Can anyone point me to some step-by-step directions on how to build apache
    2.2.17 with openldap.... I am on Red Hat 4 2.6.9-89.35.1.ELsmp

    Do I need to install openldap?
    your build apparently found the system OpenLDAP

    my guess: you are using ldaps, and you need to build OpenLDAP yourself
    using your special OpenSSL build (the one used by mod_ssl)

    I tried to build apache as below.

    ./configure --prefix=/usr/local/apache2 --with-ssl=/u01/fipsssl --enable-ssl
    -with-ldap --enable-ssl --enable-authnz-ldap --enable-ldap
    --with-mpm=prefork

    mod_ssl/2.2.17 compiled against Server: Apache/2.2.17, Library:
    OpenSSL/0.9.8r-fips

    Everything works fine, except when I go to do ldap authentication. The
    browser pops up a username/password window, I enter my username/password and
    then hit submit.... I get back "Internet Explorer cannot display the
    webpage" and in the error log I see the below segmentation fault.... but if
    I turn of ldap it works fine...:

    Thu Mar 17 14:47:04 2011] [info] [client 129.6.84.222] Connection to child 2
    established (server acctnew.nist.gov:7100)
    [Thu Mar 17 14:47:04 2011] [info] Seeding PRNG with 136 bytes of entropy
    [Thu Mar 17 14:47:04 2011] [info] Initial (No.1) HTTPS request received for
    child 2 (server acctnew.nist.gov:7100)
    [Thu Mar 17 14:47:04 2011] [info] [client 129.6.84.222] Connection closed to
    child 2 with unclean shutdown (server acctnew.nist.gov:7100)
    [Thu Mar 17 14:47:10 2011] [info] [client 129.6.84.222] Connection to child
    3 established (server acctnew.nist.gov:7100)
    [Thu Mar 17 14:47:10 2011] [info] Seeding PRNG with 136 bytes of entropy
    [Thu Mar 17 14:47:10 2011] [info] Initial (No.1) HTTPS request received for
    child 3 (server acctnew.nist.gov:7100)
    [Thu Mar 17 14:47:11 2011] [notice] child pid 25625 exit signal Segmentation
    fault (11)

    Thank you for any help!
    Sam


    --
    Born in Roswell... married an alien...

    ---------------------------------------------------------------------
    The official User-To-User support forum of the Apache HTTP Server Project.
    See <URL:http://httpd.apache.org/userslist.html> for more info.
    To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
    " from the digest: users-digest-unsubscribe@httpd.apache.org
    For additional commands, e-mail: users-help@httpd.apache.org
  • Sam Theman at Mar 18, 2011 at 3:32 pm
    actually, I also need to know how do you build openldap with openssl... I don't see any option to use a particluar openssl

    From: xray316@hotmail.com
    To: users@httpd.apache.org
    Date: Fri, 18 Mar 2011 11:18:02 -0400
    Subject: RE: [users@httpd] Where are the step-by-step instructions for building apache 2.2.17 with LDAP authentication?








    ....but after I build openldap with the special openssl, how do I point apache to use it rather than the system openssl?


    Thanks, I think you are right, I tried non-ssl ldap bind, and it worked fine....

    Date: Fri, 18 Mar 2011 09:52:10 -0400
    From: trawick@gmail.com
    To: users@httpd.apache.org
    CC: xray316@hotmail.com
    Subject: Re: [users@httpd] Where are the step-by-step instructions for building apache 2.2.17 with LDAP authentication?
    On Fri, Mar 18, 2011 at 9:29 AM, Sam Theman wrote:
    Hello,

    Can anyone point me to some step-by-step directions on how to build apache
    2.2.17 with openldap.... I am on Red Hat 4 2.6.9-89.35.1.ELsmp

    Do I need to install openldap?
    your build apparently found the system OpenLDAP

    my guess: you are using ldaps, and you need to build OpenLDAP yourself
    using your special OpenSSL build (the one used by mod_ssl)

    I tried to build apache as below.

    ./configure --prefix=/usr/local/apache2 --with-ssl=/u01/fipsssl --enable-ssl
    -with-ldap --enable-ssl --enable-authnz-ldap --enable-ldap
    --with-mpm=prefork

    mod_ssl/2.2.17 compiled against Server: Apache/2.2.17, Library:
    OpenSSL/0.9.8r-fips

    Everything works fine, except when I go to do ldap authentication. The
    browser pops up a username/password window, I enter my username/password and
    then hit submit.... I get back "Internet Explorer cannot display the
    webpage" and in the error log I see the below segmentation fault.... but if
    I turn of ldap it works fine...:

    Thu Mar 17 14:47:04 2011] [info] [client 129.6.84.222] Connection to child 2
    established (server acctnew.nist.gov:7100)
    [Thu Mar 17 14:47:04 2011] [info] Seeding PRNG with 136 bytes of entropy
    [Thu Mar 17 14:47:04 2011] [info] Initial (No.1) HTTPS request received for
    child 2 (server acctnew.nist.gov:7100)
    [Thu Mar 17 14:47:04 2011] [info] [client 129.6.84.222] Connection closed to
    child 2 with unclean shutdown (server acctnew.nist.gov:7100)
    [Thu Mar 17 14:47:10 2011] [info] [client 129.6.84.222] Connection to child
    3 established (server acctnew.nist.gov:7100)
    [Thu Mar 17 14:47:10 2011] [info] Seeding PRNG with 136 bytes of entropy
    [Thu Mar 17 14:47:10 2011] [info] Initial (No.1) HTTPS request received for
    child 3 (server acctnew.nist.gov:7100)
    [Thu Mar 17 14:47:11 2011] [notice] child pid 25625 exit signal Segmentation
    fault (11)

    Thank you for any help!
    Sam


    --
    Born in Roswell... married an alien...

    ---------------------------------------------------------------------
    The official User-To-User support forum of the Apache HTTP Server Project.
    See <URL:http://httpd.apache.org/userslist.html> for more info.
    To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
    " from the digest: users-digest-unsubscribe@httpd.apache.org
    For additional commands, e-mail: users-help@httpd.apache.org
  • Jeff Trawick at Mar 18, 2011 at 4:14 pm

    On Fri, Mar 18, 2011 at 11:18 AM, Sam Theman wrote:
    ....but after I build openldap with the special openssl, how do I point
    apache to use it rather than the system openssl?
    run srclib/apr-util/configure --help | grep ldap

    --with-ldap-include=path path to ldap include files with trailing slash
    --with-ldap-lib=path path to ldap lib file
    --with-ldap=library ldap library to use

    Possibly "--with-ldap=/path/to/openldap/prefix" is all you need to add.
    Thanks, I think you are right, I tried non-ssl ldap bind, and it worked
    fine....
    ---------------------------------------------------------------------
    The official User-To-User support forum of the Apache HTTP Server Project.
    See <URL:http://httpd.apache.org/userslist.html> for more info.
    To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
    " from the digest: users-digest-unsubscribe@httpd.apache.org
    For additional commands, e-mail: users-help@httpd.apache.org
  • Igor Galić at Mar 22, 2011 at 7:28 pm

    ----- Original Message -----
    On Fri, Mar 18, 2011 at 11:18 AM, Sam Theman wrote:
    ....but after I build openldap with the special openssl, how do I
    point
    apache to use it rather than the system openssl?
    run srclib/apr-util/configure --help | grep ldap

    --with-ldap-include=path path to ldap include files with trailing
    slash
    --with-ldap-lib=path path to ldap lib file
    --with-ldap=library ldap library to use

    Possibly "--with-ldap=/path/to/openldap/prefix" is all you need to
    add.
    Almost:
    http://mail-archives.apache.org/mod_mbox/httpd-users/201103.mbox/browser
    Thanks, I think you are right, I tried non-ssl ldap bind, and it
    worked
    fine....
    (How) Did you build OpenLDAP? Did you build it against the same OpenSSL?

    i

    --
    Igor Galić

    Tel: +43 (0) 664 886 22 883
    Mail: i.galic@brainsware.org
    URL: http://brainsware.org/

    ---------------------------------------------------------------------
    The official User-To-User support forum of the Apache HTTP Server Project.
    See <URL:http://httpd.apache.org/userslist.html> for more info.
    To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
    " from the digest: users-digest-unsubscribe@httpd.apache.org
    For additional commands, e-mail: users-help@httpd.apache.org
  • Ezra Taylor at Mar 19, 2011 at 3:37 am
    Sam:
    I suggest you learn openldap first, then proceed to configuring
    Openldap and Apache. Also, you are using a very old version of Redhat. You
    can download Centos, which is a RHEL(Redhat Enterprise Linux) clone. The
    site is www.centos.org. The openldap site is openldap.org. A
    good tutorial for openldap http://www.zytrax.com/books/ldap/. These guys,
    I think have done a great job explaining Openldap. Good luck.
    On Fri, Mar 18, 2011 at 9:29 AM, Sam Theman wrote:

    Hello,

    Can anyone point me to some step-by-step directions on how to build apache
    2.2.17 with openldap.... I am on Red Hat 4 2.6.9-89.35.1.ELsmp

    Do I need to install openldap?


    I tried to build apache as below.

    ./configure --prefix=/usr/local/apache2 --with-ssl=/u01/fipsssl
    --enable-ssl -with-ldap --enable-ssl --enable-authnz-ldap --enable-ldap
    --with-mpm=prefork

    mod_ssl/2.2.17 compiled against Server: Apache/2.2.17, Library:
    OpenSSL/0.9.8r-fips

    Everything works fine, except when I go to do ldap authentication. The
    browser pops up a username/password window, I enter my username/password and
    then hit submit.... I get back "Internet Explorer cannot display the
    webpage" and in the error log I see the below segmentation fault.... but if
    I turn of ldap it works fine...:

    Thu Mar 17 14:47:04 2011] [info] [client 129.6.84.222] Connection to child
    2 established (server acctnew.nist.gov:7100)
    [Thu Mar 17 14:47:04 2011] [info] Seeding PRNG with 136 bytes of entropy
    [Thu Mar 17 14:47:04 2011] [info] Initial (No.1) HTTPS request received for
    child 2 (server acctnew.nist.gov:7100)
    [Thu Mar 17 14:47:04 2011] [info] [client 129.6.84.222] Connection closed
    to child 2 with unclean shutdown (server acctnew.nist.gov:7100)
    [Thu Mar 17 14:47:10 2011] [info] [client 129.6.84.222] Connection to child
    3 established (server acctnew.nist.gov:7100)
    [Thu Mar 17 14:47:10 2011] [info] Seeding PRNG with 136 bytes of entropy
    [Thu Mar 17 14:47:10 2011] [info] Initial (No.1) HTTPS request received for
    child 3 (server acctnew.nist.gov:7100)
    [Thu Mar 17 14:47:11 2011] [notice] child pid 25625 exit signal
    Segmentation fault (11)

    Thank you for any help!
    Sam


    --
    Ezra Taylor

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupusers @
categoriesapache
postedMar 18, '11 at 1:30p
activeMar 22, '11 at 7:28p
posts7
users4
websitehttpd.apache.org
irc#httpd

People

Translate

site design / logo © 2022 Grokbase