...
Code Block |
---|
/etc/init.d/mysql stop mv /var/lib/mysql /home/db chown -R db:db /home/db cd /etc/ cp /root/my.cnf . /etc/init.d/mysql start start |
Be certain to use the my.cnf file from the ISDA software repository, as it sets the database user to be 'db' (and not the default 'mysql'), and put the home and data
directories into /home/db.
...
Code Block |
---|
mkdir /home/www/tmp cd /home/www/tmp tar -xzvf /root/openssl-0.9.8a.tar.gz cd openssl-0.9.8a ./config --prefix=/home/www/ssl --openssldir=/home/www/ssl make make install install |
6. Setup certificates
6a: get the mitca at http://ca.mit.edu/mitClient.crt and save it as /usr/local/ssl/certs/mitClient.crt
...
Code Block |
---|
openssl x509 -in /home/www/ssl/certs/mitClient.crt -inform DER -outform PEM -out /home/www/ssl/certs/mitCA.pem pem |
6c. Generate rsa key. This simply generates some random stuff:
Code Block |
---|
ps > /tmp/foo ps -elf >> /tmp/foo cd /home/www/ssl/bin ./openssl genrsa -rand /tmp/foo 1024 >/home/www/ssl/private/`hostname`-key.pem |
6d. Generate request for a certificatecd /home/www/ssl/bin
Code Block |
---|
./openssl req -key /home/www/ssl/private/`hostname`-key.pem -new \ |
...
>../certs/`hostname`-req.pem |
send the file /usr/local/ssl/certs/`hostname`-req.pem to mitcert@mit.edu,
...
Code Block |
---|
cd /home/www/tmp tar -xzvf /root/php-5.2.3.tar.gz ./configure --with-mysql --with-kerberos=/usr/kerberos --prefix=/home/www/php-5.2.0 --with-apxs2=/home/www/apache-2.2.4/bin/apxs \ --enable-fastcgi --enable-magic-quotes --with-openssl --with-mysql-sock=/home/db/mysql/mysql.sock --with-mysqli --enable-sockets --enable-soap \ --with-openssl-dir=/home/www/ssl --with-pear=/usr/share/pear make make install install |
9. Configure Apache