Apache2.2.3+PHP5.2.0+MySQL5.0.27+openssl0.98d安装笔记
1.安装mysql-5.0.27-max
#tar zxvf mysql-5.0.27-max-i386.tar.gz
#mv mysql-max-5.0.27-linux-i686 /usr/local/mysql
#groupadd mysql
#useradd -d /usr/local/mysql/data -s /sbin/nologin -g mysql mysql
#cd /usr/local/mysql
#chown -R root .
#chown -R mysql data
#chgrp -R mysql .
#./scripts/mysql_install_db --user=mysql
#./bin/mysqld_safe --user=mysql &
#cp ./support-files/mysql.server /etc/rc.d/init.d/mysqld
#chmod 700 /etc/rc.d/init.d/mysqld
#chkconfig --add mysqld
测试
#/usr/local/mysql/bin/mysqladmin ping
#/usr/local/mysql/bin/mysqladmin version
#/usr/local/mysql/bin/mysql
添加root密码
#/usr/local/mysql/bin/mysqladmin -uroot -p
2.安装zlib-1.2.3
#tar zxvf zlib-1.2.3.tar.gz
#cd zlib-1.2.3
#./configure --prefix=/usr/local/zlib
#make
#make install
3.安装openssl-0.9.8d
#tar zxvf openssl-0.9.8d.tar.gz
#cd openssl-0.9.8d
#./config --prefix=/usr/local/openssl --openssldir=/usr/local/openssl shared zlib
#make
#make test
#make install
4.安装httpd-2.2.3
#tar zxvf httpd-2.2.3.tar.gz
#cd httpd-2.2.3
#./configure --prefix=/usr/local/apache --sysconfdir=/etc/httpd --enable-so --enable-ssl --with-ssl=/usr/local/openssl --enable-track-vars --enable-rewrite --with-z-dir=/usr/local/zlib
#make
#make install
#echo "/usr/local/apache/bin/apachectl start" >> /etc/rc.d/rc.local(系统启动时服务自动启动)
5.安装libpng-1.2.14
#tar zxvf libpng-1.2.14.tar.gz
# cd libpng-1.2.14
# cp scripts/makefile.linux makefile
# make (若是提示找不到zlib库文件或者头文件,多半是makefile文件里zlib的默认路径有误。可编辑makefile文件,找到zlib项并重新指定路径到/usr/local/zlib/lib和/usr/local/zlib/include)。
# make install
6.安装freetype-2.1.10
# tar -zvxf freetype-2.1.10.tar.gz
# cd freetype-2.1.10
# mkdir -p /usr/local/freetype
# ./configure --prefix=/usr/local/freetype
# make;make install
7.安装jpegsrc.v6b
jpeg默认不会自建目录,因此需手动建立目录:
# mkdir -p /usr/local/jpeg6
# mkdir -p /usr/local/jpeg6/bin
# mkdir -p /usr/local/jpeg6/lib
# mkdir -p /usr/local/jpeg6/include
# mkdir -p /usr/local/jpeg6/man
# mkdir -p /usr/local/jpeg6/man1
# mkdir -p /usr/local/jpeg6/man/man1
安装
#tar zxvf jpegsrc.v6b.tar.gz
# ./configure --prefix=/usr/local/jpeg6/ --enable-shared --enable-static
# make
# make install
# make install-lib
8.安装libxml2-2.6.19
# tar -zxf libxml2-2.6.19.tar.gz
# cd libxml2-2.6.19
# mkdir -p /usr/local/libxml2
# ./configure --prefix=/usr/local/libxml2
# make; make install
#cp xml2-config /usr/bin
9.安装GD-2.0.33库
# tar -zvxf gd-2.0.33.tar.gz
# mkdir -p /usr/local/gd2
# cd gd-2.0.33
# ./configure --prefix=/usr/local/gd --with-jpeg=/usr/local/jpeg6/
--with-png=/usr/local/lib/
--with-zlib=/usr/local/zlib/
--with-freetype=/usr/local/freetype/
# make; make install
10.安装php-5.2.0
# tar -zvxf php-5.2.0.tar.gz
# mkdir -p /usr/local/php
# cd php-5.2.0
# ./configure --prefix=/usr/local/php (注意使用续行符)
--with-apxs2=/usr/local/apache2/bin/apxs
--with-mysql-dir=/usr/local/mysql
--with-xml=/usr/local/libxml2
--with-png=/usr/local/lib
--with-jpeg-dir=/usr/local/jpeg6
--with-zlib=/usr/local/zlib
--with-freetype=/usr/local/freetype
--with-gd=/usr/local/gd
--enable-track-vars
--enable-mbstring=all
# make
# make install
# cp php.ini-dist /usr/local/php/lib/php.ini
11.编辑apache配置文件httpd.conf
# vi /etc/httpd/httpd.conf
要改的有如下几处:
找到LoadModule php5_module modules/libphp5.so
前面的#号去掉(默认已去掉注释)
#AddType application/x-gzip .gz .tgz
下加二行
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
还有找到DirectoryIndex index.html
加上 index.php 让它把index.php做为默认页
12.测试PHP
# vi /usr/local/apache/htdocs/index.php(其中/usr/local/apache/htdocs为网页主目录)
添加:
phpinfo();
?>
重新启动apache服务器
# /usr/local/apache/bin/apachectl restart
浏览器里测试一下
13.安装ZendOptimizer-3.0.1-linux-glibc21-i386(此好像与php-5.2.0不兼容)
#tar zxvf ZendOptimizer-3.0.1-linux-glibc21-i386.tar.gz
#cd ZendOptimizer-3.0.1
# ./install.sh
14.启用ssl
(1)下载ssl.ca-0.1.tar.gz(适合新手使用)到/etc/httpd(Apache2.2.3安装时指定的配置文件目录)
#tar zxvf ssl.ca-0.1.tar.gz
#cd ssl.ca-0.1
生成根证书
#./new-root-ca.sh
No Root CA key round. Generating one
Generating RSA private key, 1024 bit long modulus
...............................++++++
.......++++++
e is 65537 (0x10001)
Enter pass phrase for ca.key: (此处要输入一个密码,至少四位)
Verifying - Enter pass phrase for ca.key: (重复以上密码)
Self-sign the root CA...
Enter pass phrase for ca.key: (刚刚输过的密码)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [MY]:CN
State or Province Name (full name) [Perak]:HeNan
Locality Name (eg, city) [Sitiawan]:Zhengzhou
Organization Name (eg, company) [My Directory Sdn Bhd]:Benet Ltd
Organizational Unit Name (eg, section) [Certification Services Division]:Marion
Common Name (eg, MD Root CA) []:Benet CA
Email Address []:knightma@yeah.net
如此可以生成ca.key和ca.crt两个文件;其中的省份、公司等内容可以按照你自己的相法来设定。
接下来要为服务器生成一个证书:
# ./new-server-cert.sh server (这个证书的名字是server)
No server.key round. Generating one
Generating RSA private key, 1024 bit long modulus
....++++++
.............++++++
e is 65537 (0x10001)
Fill in certificate data
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [MY]:CN
State or Province Name (full name) [Perak]:HeNan
Locality Name (eg, city) [Sitiawan]:Zhengzhou
Organization Name (eg, company) [My Directory Sdn Bhd]:Benet Ltd
Organizational Unit Name (eg, section) [Secure Web Server]:Marion
Common Name (eg, ) []:localhost
Email Address []:knightma@yeah.net
You may now run ./sign-server-cert.sh to get it signed
执行结束后生成了server.csr和server.key这两个文件。但它们还需要签署一下才能使用。
# ./sign-server-cert.sh server
CA signing: server.csr -> server.crt:
Using configuration from ca.config
Enter pass phrase for ./ca.key:
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'CN'
stateOrProvinceName :PRINTABLE:'HeNan'
localityName :PRINTABLE:'Zhengzhou'
organizationName :PRINTABLE:'Benet Ltd'
organizationalUnitName:PRINTABLE:'Marion'
commonName :PRINTABLE:'localhost'
emailAddress :IA5STRING:''
Certificate is to be certified until Nov 21 11:58:38 2007 GMT (365 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
CA verifying: server.crt <-> CA cert
server.crt: OK
(2)接下来要按照/etc/httpd/extra/httpd-ssl.conf里面的设置,将证书放在适当的位置。
#cp ./server.key /etc/httpd
#cp ./server.crt /etc/httpd
#cd ..
#chmod 400 server.key
(3)编辑/etc/httpd/httpd.conf
找到如下一句,将前面的注释#去掉
#Include /etc/httpd/extra/httpd-ssl.conf
而后重启apache即可
#killall -9 httpd
#/usr/local/apache/bin/apachectl start
(4)查看监听端口,确认里面有:443端口
#netstat -tnl
(5)
