Here is another episode in the problems with the mod_ssl module in Apache on Leopard. But it is a positive one. Because of the latest security update 2008-2 the default Apache install on OS X Leopard is now 2.2.8. This means we can upgrade our version as well and copy the mod_ssl module from the original installation as done previously.

I’ve looked for more workarounds, but they are all a bit drastic or don’t work. The one I haven’t tried yet is upgrading libtool as I’m not sure that would help and not break any other stuff.

You only need to do this if you need mod_ssl, if you can live without it just follow the normal installation instructions.

As noted earlier there are some problems since 2.2.6 with the mod_ssl module in Leopard.

There seems to be some progress being made by people at apache as someone posted a comment to the original post which you might have missed. You can read the bugreport at: http://issues.apache.org/bugzilla/show_bug.cgi?id=44384

It looks like a version issue of the libtool, a new version of libtool has solved the problem. I hope it works out and I will see what I can do to help you compile it properly on your Mac running Leopard.

Apache just released version 2.2.8 of it’s webserver. It’s mostly just a security fix release. When using it on Tiger there isn’t any issue with compiling and installing it as described in the documentation. On Leopard it’s another issue (or there is still the same issue). The bug we found in the apr configuration with the APR_HAS_SENDFILE option is now solved. You can compile it out of the box. The problem with mod_ssl still stands and needs to be solved. This time even copying the original mod_ssl module which worked with 2.2.6 doesn’t help anymore. If anyone has any ideas how to solve this problem I and many others would be very gratefull for that!

Thanks to Tim we’ve got a simple workaround to get our own compiled Apache version 2.2.6 running on Leopard with a proper SSL module. The solution is to just use the original mod_ssl module from the original installation. The original mod_ssl module can be found in /usr/libexec/apache2/.

To use this original module the best way possible use these commands:

cd /usr/local/apache2/modules/
sudo mv mod_ssl.so mod_ssl.so.old
sudo ln -s /usr/libexec/apache2/mod_ssl.so mod_ssl.so

Restart the server, uncomment the mod_ssl module in your httpd.conf and restart the server to see it working.

You could also copy the module from its original location but I choose this method because it will benefit from any update that might happen with a security update from Apple.

I can only hope it will also work with a new version of Apache, but we’ll have to wait and see.

As people are compiling Apache on Leopard and because its not the usual configure, make, install procedure. I thought a separate blog post explaining it would help people to get it all working.

There are 2 ways to define the setup, go for the default Leopard install method and overwrite the current Apache installation or install a separate instance. The separate instance falls in line with all the other DIYMacserver documentation. The Leopard install will keep the functionality of the preference pane intact. You choose !

The difference in the configuration is made in the ‘config.layout’ file which determines where all the packages should be installed. For both methods copy the layout below and add it to the ‘config.layout’ file.

DIYMacserver installation configuration
<Layout DIYMacServer>
  prefix: /usr/local/apache2
  exec_prefix: ${prefix}
  bindir: ${exec_prefix}/bin
  sbindir: ${exec_prefix}/bin
  libdir: ${exec_prefix}/lib
  libexecdir: ${exec_prefix}/modules
  mandir: ${prefix}/man
  sysconfdir: /etc/httpd
  datadir: /Library/Webserver
  installbuilddir: ${datadir}/build
  errordir: ${datadir}/error
  iconsdir: ${datadir}/icons
  htdocsdir: ${datadir}/Documents
  manualdir: ${datadir}/manual
  cgidir: ${datadir}/CGI-Executables
  includedir: ${prefix}/include
  localstatedir: /var
  runtimedir: ${localstatedir}/run
  logfiledir: ${localstatedir}/log/httpd
  proxycachedir: ${runtimedir}/proxy
</Layout>

Leopard installation configuration

<Layout Leopard>
  prefix: /usr
  exec_prefix: ${prefix}
  bindir: ${exec_prefix}/bin
  sbindir: ${exec_prefix}/sbin
  libdir: ${exec_prefix}/lib
  libexecdir: ${exec_prefix}/libexec+
  mandir: ${prefix}/share/man
  sysconfdir: /etc+
  datadir: /Library/Webserver
  installbuilddir: ${prefix}/share/httpd/build
  errordir: ${prefix}/share/httpd/error
  iconsdir: ${prefix}/share/httpd/icons
  htdocsdir: ${datadir}/Documents
  manualdir: ${datadir}/share/httpd/manual
  cgidir: ${datadir}/CGI-Executables
  includedir: ${prefix}/include+
  localstatedir: /var
  runtimedir: ${localstatedir}/run
  logfiledir: ${localstatedir}/log+
  proxycachedir: ${runtimedir}/proxy
</Layout>

If you’ve edited the ‘config.layout’ file you are ready to run the configuration script. Change the ‘–enable-layout’ to reflect your choice in configuration. So fill in either DIYMacServer or Leopard to choose, the example uses DIYMacServer as the layout.

./configure --enable-layout=DIYMacServer \
--enable-mods-shared=all \
--with-ssl=/usr \
--with-mpm=prefork \
--disable-static \
--disable-unique-id \
--disable-ipv6 \
--enable-ssl \
--enable-dav \
--enable-cache \
--enable-proxy \
--enable-shared \
--enable-logio \
--enable-deflate \
--with-included-apr \
--enable-cgi \
--enable-cgid \
--enable-suexec

You can now run:

make

and if it all goes well:

sudo make install

If you run into errors or some strange thig happens which you can’t explain, please post you questions and the error into the forum on this site:

The configuration and all the other posts related to apache in the documentation set are still valid, you still can use those.

Tiger shipped with the heavily outdated Apache 1.3.x and PHP 4.x. While both of these versions where working and helped people to get started most of us liked working on the newer releases of that software. Besides the Apache Software Foundation has moved into security update, and critical bug fix only mode for the 1.3.x series of the web server and as we all know the PHP project as announced end of life for PHP 4. Its a good time to move on as I showed you how to do on my blog.

To my surprise however I found when plating around with my Leopard install it has as default the latest version of Apache and PHP installed per default. You still need to activate the PHP module yourself by uncommenting it in the httpd.conf configuration file which is in a new location by the way.

The new location of the configuration and the modules is in ‘/etc/apache2/’ instead of the default ‘/etc/httpd/’ you would expect. I’m sticking to the last one by the way for my installation.

The modules are installed in ‘/usr/libexec/apache2/’ and there are some remarkable modules name in there. What would you think of a module called mod_bonjour, I wonder what that one does. Another one is mod_auth_svn which would indicate a default installation and wonder me it’s installed. Mod_perl and mod_fast-cgi are there as well. I will try to mimic the availabilty of these modules in my install scripts.

PHP is another question, with php-info() you can retrieve the configure command-line, it looks like:

./configure '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--disable-dependency-tracking' '--with-apxs2=/usr/sbin/apxs' '--with-ldap=/usr' '--with-kerberos=/usr' '--enable-cli' '--with-zlib-dir=/usr' '--enable-trans-sid' '--with-xml' '--enable-exif' '--enable-ftp' '--enable-mbstring' '--enable-mbregex' '--enable-dbx' '--enable-sockets' '--with-iodbc=/usr' '--with-curl=/usr' '--with-config-file-path=/etc' '--sysconfdir=/private/etc' '--with-mysql-sock=/var/mysql' '--with-mysqli=/usr/bin/mysql_config' '--with-mysql=/usr' '--with-openssl' '--with-xmlrpc' '--with-xsl=/usr' '--without-pear'

Which looks a lot what I had with some extra’s, I’m looking into which ones I will add.

During my absence (having a summer holiday in Italy is something I can suggest as a well spend two weeks) there where again many updates. I’ll briefly name there here and will let you know later on if there where any problems with it.

PHP got upgraded to version 5.2.4 which covers several bug fixes and some inor security bugs. A detailed changelog can be found here.

Apache was updated to version 2.2.6, this version is principally a bug and security fix release. Read the changelog for more info.

Lighttpd was updated to version 1.4.18 which contains a fix for a buffer-overrun in the fastcgi protocol.

After the first steps on migrating the MySQL documentation and opening up this site I haven’t been sitting idle and waiting for all those new visitors. I’ve been rewriting the Apache2 install and configure documentation that I’ve had on the old site. I just finished it and it’s ready for you to use. I hope you’ll enjoy this version as much as you all did the last one. Just click on over to the Docs section to see it all. When all the documentation has migrated I will enhance the documentation a bit further and I think I’ll show you how to compile and install individual Apache2 modules.

Well it has been a few days since I got the email for the new release of Apache and I was going to write about it sooner. But as happens often I got sidetracked and didn’t think of it until error reports came in via email and comments that there was something wrong with my compilation instructions.

It looks like we need an extra flag to compile properly namely the “--with-included-apr” option to force internal APR functionality and not from another package. The installation page has been updated accordingly !

There are more changes and bugs fixed besides this change, you can read all about them at the download page of apache, read the Changes file. I can’t link to it directly as it is dynamically altered to link to a mirror in your neighborhood.