Apache SSL, PHP Setup:
You’ll want openSSL to be able to encrypt the connections. This can be downloaded from www.openssl.org/source/:
bash-2.03$ tar -xzf openssl-0.9.5a.tar.gz bash-2.03$ cd openssl-0.9.5a bash-2.03$ ./config bash-2.03$ make bash-2.03$ sudo make install
Get Apache from www.apache.org/dist:
bash-2.03$ tar -xzf apache_1.3.19.tar.gz
You’ll also need mod_ssl to add as an Apache plug-in from www.modssl.org/source/:
bash-2.03$ tar -xzf mod_ssl-2.8.2-1.3.19.tar.gz bash-2.03$ cd /home/stew/mod_ssl-2.8.2-1.3.19 bash-2.03$ ./configure --with-ssl=../openssl-0.9.5a --with-apache=../apache_1.3.19
Back to Apache:
bash-2.03$ export SSL_BASE=../openssl-0.9.5a bash-2.03$ ./configure --enable-module=ssl --enable-shared=ssl bash-2.03$ make bash-2.03$ make certificate bash-2.03$ make install
You’ll be asked a number of organizational questions during the “make certificate” step, as well as being prompted for a pass phrase to decrypt the key.
Three server certificate files will be created in the Apache directory:
conf/ssl.key/server.key conf/ssl.crt/server.crt conf/ssl.csr/server.csr
The last of these can be submitted to an official certificate authority if you would like to get an official certificate.
You’ll need PHP to implement SquirrelMail. PHP is a scripting language that can be built as a module for Apache. It is downloadable from www.php.net.
bash-2.03$ tar -xzf php-4.0.4pl1.tar.gz bash-2.03$ cd php-4.0.4pl1 bash-2.03$ ./configure --with-apxs=/usr/local/apache/bin/apxs bash-2.03$ make bash-2.03$ sudo make install
If you want international language support add --with-gettext to the configure line.
Make sure the following lines are in /etc/httpd/conf/httpd.conf:
LoadModule php4_module modules/libphp4.so AddModule mod_php4.c AddType application/x-httpd-php .php3 .phtml .php AddType application/x-httpd-php-source .phps
They may be scattered about, but they should be there. I found that the PHP entries ended up wrapped inside of the <IfDefined SSL> stanza. To use PHP without SSL, you’ll want them outside of that entry. Cut and paste to move beyond </IfDefined>:
<IfDefine SSL> LoadModule ssl_module libexec/libssl.so </IfDefine> LoadModule php4_module libexec/libphp4.so <IfDefine SSL> AddModule mod_ssl.c </IfDefine> AddModule mod_php4.c
You will also need to change the port Apache uses. By default it is installed set to 8080, so the server does not need to be run as root initially. Normal http access is at port 80, and https access is at port 443. If you choose to use the higher numbered ports, you’ll have to inform your users to connect to them instead.
You’ll also probably want to add index.php to the DirectoryIndex entry:
DirectoryIndex index.html index.php
You should see something like this in /var/log/http/error.log:
[Sun Apr 22 22:20:47 2001] [notice] Apache/1.3.19 (Unix) PHP/4.0.4pl1 configured -- resuming normal operations
You can test your PHP by creating the following file and putting it somewhere in your web directory space:
<? phpinfo(); ?>
Call it php_info.php3. If you access this file with a browser you should see a nice page describing the PHP compilation options, and a lot of other useful information.
Part 3 of this series will deal with SquirrelMail, and Part 4 with enabling SSL. The following week will feature a closing sidebar story regarding off-the-shelf packages that handle IMAP under UNIX systems.