How to enable SNI with Apache in Redhat 5.11 The Next CEO of Stack OverflowInstalling OpenSSL that supports SNI along with previous version of OpenSSLHow do I enable apache modules from the command line in RedHat?Setup Apache 2.2 With SNI Under Ubuntu 8.04Nameserver change resolving to incorrect IP address after WHM restoreApache SNI namevhosts always route to first VirtualHost entryStrict SNI matching for ApacheInstalling OpenSSL that supports SNI along with previous version of OpenSSLSSL SNI security concernsTLS SNI alternative in apacheHow compile PHP modules/extensions from sourceHow do I make FilesMatch NOT blocking certain things?
What CSS properties can the br tag have?
(How) Could a medieval fantasy world survive a magic-induced "nuclear winter"?
Purpose of level-shifter with same in and out voltages
Why doesn't UK go for the same deal Japan has with EU to resolve Brexit?
What difference does it make using sed with/without whitespaces?
Do I need to write [sic] when including a quotation with a number less than 10 that isn't written out?
Is it ok to trim down a tube patch?
Spaces in which all closed sets are regular closed
What was Carter Burke's job for "the company" in Aliens?
Does the Idaho Potato Commission associate potato skins with healthy eating?
Reference request: Grassmannian and Plucker coordinates in type B, C, D
Can Sneak Attack be used when hitting with an improvised weapon?
Is there a reasonable and studied concept of reduction between regular languages?
Physiological effects of huge anime eyes
Aggressive Under-Indexing and no data for missing index
Audio Conversion With ADS1243
Man transported from Alternate World into ours by a Neutrino Detector
Do scriptures give a method to recognize a truly self-realized person/jivanmukta?
How to get the last not-null value in an ordered column of a huge table?
Help understanding this unsettling image of Titan, Epimetheus, and Saturn's rings?
How to use ReplaceAll on an expression that contains a rule
Graph of the history of databases
Are the names of these months realistic?
How to find image of a complex function with given constraints?
How to enable SNI with Apache in Redhat 5.11
The Next CEO of Stack OverflowInstalling OpenSSL that supports SNI along with previous version of OpenSSLHow do I enable apache modules from the command line in RedHat?Setup Apache 2.2 With SNI Under Ubuntu 8.04Nameserver change resolving to incorrect IP address after WHM restoreApache SNI namevhosts always route to first VirtualHost entryStrict SNI matching for ApacheInstalling OpenSSL that supports SNI along with previous version of OpenSSLSSL SNI security concernsTLS SNI alternative in apacheHow compile PHP modules/extensions from sourceHow do I make FilesMatch NOT blocking certain things?
I am on redhat 5.11. I want to enable SNI with apache, but I only have Apache/2.2.3 + OpenSSL 0.9.8e-fips-rhel5. I am in a very similar situation like this https://access.redhat.com/discussions/1320983
Based on this, https://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI, it seems I need to compile openssl and apache from source. Is it possible that I install the new openssl and apache from rpm packages, not compiling from source?
If I have to compile them from source, is it step-by-step guide? (I found a debian guide: https://www.howtoforge.com/enable-multiple-https-sites-on-one-ip-using-tls-extensions-on-debian-etch) and this: Installing OpenSSL that supports SNI along with previous version of OpenSSL
apache-2.2 redhat sni
edited Apr 13 '17 at 12:14
Community♦
1
asked Aug 20 '15 at 5:48
kenpeterkenpeter
14215
bumped to the homepage by Community♦ yesterday
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
|
show 1 more comment
I am on redhat 5.11. I want to enable SNI with apache, but I only have Apache/2.2.3 + OpenSSL 0.9.8e-fips-rhel5. I am in a very similar situation like this https://access.redhat.com/discussions/1320983
Based on this, https://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI, it seems I need to compile openssl and apache from source. Is it possible that I install the new openssl and apache from rpm packages, not compiling from source?
If I have to compile them from source, is it step-by-step guide? (I found a debian guide: https://www.howtoforge.com/enable-multiple-https-sites-on-one-ip-using-tls-extensions-on-debian-etch) and this: Installing OpenSSL that supports SNI along with previous version of OpenSSL
apache-2.2 redhat sni
edited Apr 13 '17 at 12:14
Community♦
1
asked Aug 20 '15 at 5:48
kenpeterkenpeter
14215
bumped to the homepage by Community♦ yesterday
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
1
Might be time to do an OS upgrade.
– womble♦
Aug 20 '15 at 5:52
I never have experience on upgrading redhat 5 to 6. Will lots of things break?
– kenpeter
Aug 20 '15 at 5:56
RedHat provides a way to do an upgrade between majour releases, but they do not recommend using it. access.redhat.com/solutions/21964 The best thing would be to just install a fresh system and copy the data over.
– Gene
Aug 20 '15 at 6:02
1
RHEL 5 is in Production 3 phase. You should not be deploying anything new on it, as it will go EOL soon. Migrate to a new RHEL 7 server with a current Apache and OpenSSL version.
– Michael Hampton♦
Aug 20 '15 at 6:06
1
@kenpeter, if you think that's a nightmare just keep in mind it's a bigger nightmare to troubleshoot an unsupported software configuration. When things go wrong, and they will go wrong, you will have a hard time finding help for your shoe horned installation.
– Gene
Aug 20 '15 at 6:36
|
show 1 more comment
I am on redhat 5.11. I want to enable SNI with apache, but I only have Apache/2.2.3 + OpenSSL 0.9.8e-fips-rhel5. I am in a very similar situation like this https://access.redhat.com/discussions/1320983
Based on this, https://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI, it seems I need to compile openssl and apache from source. Is it possible that I install the new openssl and apache from rpm packages, not compiling from source?
If I have to compile them from source, is it step-by-step guide? (I found a debian guide: https://www.howtoforge.com/enable-multiple-https-sites-on-one-ip-using-tls-extensions-on-debian-etch) and this: Installing OpenSSL that supports SNI along with previous version of OpenSSL
apache-2.2 redhat sni
edited Apr 13 '17 at 12:14
Community♦
1
asked Aug 20 '15 at 5:48
kenpeterkenpeter
14215
I am on redhat 5.11. I want to enable SNI with apache, but I only have Apache/2.2.3 + OpenSSL 0.9.8e-fips-rhel5. I am in a very similar situation like this https://access.redhat.com/discussions/1320983
Based on this, https://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI, it seems I need to compile openssl and apache from source. Is it possible that I install the new openssl and apache from rpm packages, not compiling from source?
If I have to compile them from source, is it step-by-step guide? (I found a debian guide: https://www.howtoforge.com/enable-multiple-https-sites-on-one-ip-using-tls-extensions-on-debian-etch) and this: Installing OpenSSL that supports SNI along with previous version of OpenSSL
apache-2.2 redhat sni
apache-2.2 redhat sni
edited Apr 13 '17 at 12:14
Community♦
1
asked Aug 20 '15 at 5:48
kenpeterkenpeter
14215
edited Apr 13 '17 at 12:14
Community♦
1
asked Aug 20 '15 at 5:48
kenpeterkenpeter
14215
edited Apr 13 '17 at 12:14
Community♦
1
edited Apr 13 '17 at 12:14
Community♦
1
edited Apr 13 '17 at 12:14
Community♦
1
1
asked Aug 20 '15 at 5:48
kenpeterkenpeter
14215
asked Aug 20 '15 at 5:48
kenpeterkenpeter
14215
asked Aug 20 '15 at 5:48
kenpeterkenpeter
14215
14215
bumped to the homepage by Community♦ yesterday
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
bumped to the homepage by Community♦ yesterday
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
1
Might be time to do an OS upgrade.
– womble♦
Aug 20 '15 at 5:52
I never have experience on upgrading redhat 5 to 6. Will lots of things break?
– kenpeter
Aug 20 '15 at 5:56
RedHat provides a way to do an upgrade between majour releases, but they do not recommend using it. access.redhat.com/solutions/21964 The best thing would be to just install a fresh system and copy the data over.
– Gene
Aug 20 '15 at 6:02
1
RHEL 5 is in Production 3 phase. You should not be deploying anything new on it, as it will go EOL soon. Migrate to a new RHEL 7 server with a current Apache and OpenSSL version.
– Michael Hampton♦
Aug 20 '15 at 6:06
1
@kenpeter, if you think that's a nightmare just keep in mind it's a bigger nightmare to troubleshoot an unsupported software configuration. When things go wrong, and they will go wrong, you will have a hard time finding help for your shoe horned installation.
– Gene
Aug 20 '15 at 6:36
|
show 1 more comment
1
Might be time to do an OS upgrade.
– womble♦
Aug 20 '15 at 5:52
I never have experience on upgrading redhat 5 to 6. Will lots of things break?
– kenpeter
Aug 20 '15 at 5:56
RedHat provides a way to do an upgrade between majour releases, but they do not recommend using it. access.redhat.com/solutions/21964 The best thing would be to just install a fresh system and copy the data over.
– Gene
Aug 20 '15 at 6:02
1
RHEL 5 is in Production 3 phase. You should not be deploying anything new on it, as it will go EOL soon. Migrate to a new RHEL 7 server with a current Apache and OpenSSL version.
– Michael Hampton♦
Aug 20 '15 at 6:06
1
@kenpeter, if you think that's a nightmare just keep in mind it's a bigger nightmare to troubleshoot an unsupported software configuration. When things go wrong, and they will go wrong, you will have a hard time finding help for your shoe horned installation.
– Gene
Aug 20 '15 at 6:36
1
1
Might be time to do an OS upgrade.
– womble♦
Aug 20 '15 at 5:52
Might be time to do an OS upgrade.
– womble♦
Aug 20 '15 at 5:52
I never have experience on upgrading redhat 5 to 6. Will lots of things break?
– kenpeter
Aug 20 '15 at 5:56
I never have experience on upgrading redhat 5 to 6. Will lots of things break?
– kenpeter
Aug 20 '15 at 5:56
RedHat provides a way to do an upgrade between majour releases, but they do not recommend using it. access.redhat.com/solutions/21964 The best thing would be to just install a fresh system and copy the data over.
– Gene
Aug 20 '15 at 6:02
RedHat provides a way to do an upgrade between majour releases, but they do not recommend using it. access.redhat.com/solutions/21964 The best thing would be to just install a fresh system and copy the data over.
– Gene
Aug 20 '15 at 6:02
1
1
RHEL 5 is in Production 3 phase. You should not be deploying anything new on it, as it will go EOL soon. Migrate to a new RHEL 7 server with a current Apache and OpenSSL version.
– Michael Hampton♦
Aug 20 '15 at 6:06
RHEL 5 is in Production 3 phase. You should not be deploying anything new on it, as it will go EOL soon. Migrate to a new RHEL 7 server with a current Apache and OpenSSL version.
– Michael Hampton♦
Aug 20 '15 at 6:06
1
1
@kenpeter, if you think that's a nightmare just keep in mind it's a bigger nightmare to troubleshoot an unsupported software configuration. When things go wrong, and they will go wrong, you will have a hard time finding help for your shoe horned installation.
– Gene
Aug 20 '15 at 6:36
@kenpeter, if you think that's a nightmare just keep in mind it's a bigger nightmare to troubleshoot an unsupported software configuration. When things go wrong, and they will go wrong, you will have a hard time finding help for your shoe horned installation.
– Gene
Aug 20 '15 at 6:36
|
show 1 more comment
1 Answer
1
active
oldest
votes
There are a lot of people still running RHEL 5 / CentOS 5 for several reasons. Unfortunately RHEL 5 is out of support and additionally there was never a package with OpenSSL >= 1 for RHEL 5.
If you don't have any concerns about using a foreign repo then you can use "tuxad repo". It provides a different and more easy way to update OpenSSL of RHEL 5 to the one of RHEL 6 (which is still supported):
- Install tuxad repo for RHEL 5: rpm -i http://www.tuxad.de/repo/5/tuxad.rpm
- Update packages: yum update
More details can be found here:
www.tuxad.de/blog/archives/2014/11/19/openssl_updatesenhancements_for_rhel__centos_5
www.tuxad.de/blog/archives/2018/07/21/tuxad_rh5_repo_now_with_phpopenssl1
This repo contains several packages which are rebuild against OpenSSL 1:
- httpd (also include other enhancements like ECDH support)
- postfix
- dovecot
- curl
- lynx
- mutt
- vsftpd
- w3m
- wget
- php
- php from RHEL 6 backported (in separate repo "tuxad-php")
answered Jul 29 '18 at 15:17
reichhartreichhart
21525
Dear God, WHY? Let it fade into the dustbin of history where it belongs.
– Michael Hampton♦
Jul 29 '18 at 15:23
:-) Well, sometimes there are requirements for this. Right now I was not able to install RHEL 7 on my router - or at least not able to install it RUNNABLE. And right now I still don't understand why an init system requires some bloat like a QR encoding library. ;-)
– reichhart
Aug 11 '18 at 18:26
add a comment |
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f715447%2fhow-to-enable-sni-with-apache-in-redhat-5-11%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
There are a lot of people still running RHEL 5 / CentOS 5 for several reasons. Unfortunately RHEL 5 is out of support and additionally there was never a package with OpenSSL >= 1 for RHEL 5.
If you don't have any concerns about using a foreign repo then you can use "tuxad repo". It provides a different and more easy way to update OpenSSL of RHEL 5 to the one of RHEL 6 (which is still supported):
- Install tuxad repo for RHEL 5: rpm -i http://www.tuxad.de/repo/5/tuxad.rpm
- Update packages: yum update
More details can be found here:
www.tuxad.de/blog/archives/2014/11/19/openssl_updatesenhancements_for_rhel__centos_5
www.tuxad.de/blog/archives/2018/07/21/tuxad_rh5_repo_now_with_phpopenssl1
This repo contains several packages which are rebuild against OpenSSL 1:
- httpd (also include other enhancements like ECDH support)
- postfix
- dovecot
- curl
- lynx
- mutt
- vsftpd
- w3m
- wget
- php
- php from RHEL 6 backported (in separate repo "tuxad-php")
answered Jul 29 '18 at 15:17
reichhartreichhart
21525
Dear God, WHY? Let it fade into the dustbin of history where it belongs.
– Michael Hampton♦
Jul 29 '18 at 15:23
:-) Well, sometimes there are requirements for this. Right now I was not able to install RHEL 7 on my router - or at least not able to install it RUNNABLE. And right now I still don't understand why an init system requires some bloat like a QR encoding library. ;-)
– reichhart
Aug 11 '18 at 18:26
add a comment |
There are a lot of people still running RHEL 5 / CentOS 5 for several reasons. Unfortunately RHEL 5 is out of support and additionally there was never a package with OpenSSL >= 1 for RHEL 5.
If you don't have any concerns about using a foreign repo then you can use "tuxad repo". It provides a different and more easy way to update OpenSSL of RHEL 5 to the one of RHEL 6 (which is still supported):
- Install tuxad repo for RHEL 5: rpm -i http://www.tuxad.de/repo/5/tuxad.rpm
- Update packages: yum update
More details can be found here:
www.tuxad.de/blog/archives/2014/11/19/openssl_updatesenhancements_for_rhel__centos_5
www.tuxad.de/blog/archives/2018/07/21/tuxad_rh5_repo_now_with_phpopenssl1
This repo contains several packages which are rebuild against OpenSSL 1:
- httpd (also include other enhancements like ECDH support)
- postfix
- dovecot
- curl
- lynx
- mutt
- vsftpd
- w3m
- wget
- php
- php from RHEL 6 backported (in separate repo "tuxad-php")
answered Jul 29 '18 at 15:17
reichhartreichhart
21525
Dear God, WHY? Let it fade into the dustbin of history where it belongs.
– Michael Hampton♦
Jul 29 '18 at 15:23
:-) Well, sometimes there are requirements for this. Right now I was not able to install RHEL 7 on my router - or at least not able to install it RUNNABLE. And right now I still don't understand why an init system requires some bloat like a QR encoding library. ;-)
– reichhart
Aug 11 '18 at 18:26
add a comment |
There are a lot of people still running RHEL 5 / CentOS 5 for several reasons. Unfortunately RHEL 5 is out of support and additionally there was never a package with OpenSSL >= 1 for RHEL 5.
If you don't have any concerns about using a foreign repo then you can use "tuxad repo". It provides a different and more easy way to update OpenSSL of RHEL 5 to the one of RHEL 6 (which is still supported):
- Install tuxad repo for RHEL 5: rpm -i http://www.tuxad.de/repo/5/tuxad.rpm
- Update packages: yum update
More details can be found here:
www.tuxad.de/blog/archives/2014/11/19/openssl_updatesenhancements_for_rhel__centos_5
www.tuxad.de/blog/archives/2018/07/21/tuxad_rh5_repo_now_with_phpopenssl1
This repo contains several packages which are rebuild against OpenSSL 1:
- httpd (also include other enhancements like ECDH support)
- postfix
- dovecot
- curl
- lynx
- mutt
- vsftpd
- w3m
- wget
- php
- php from RHEL 6 backported (in separate repo "tuxad-php")
answered Jul 29 '18 at 15:17
reichhartreichhart
21525
There are a lot of people still running RHEL 5 / CentOS 5 for several reasons. Unfortunately RHEL 5 is out of support and additionally there was never a package with OpenSSL >= 1 for RHEL 5.
If you don't have any concerns about using a foreign repo then you can use "tuxad repo". It provides a different and more easy way to update OpenSSL of RHEL 5 to the one of RHEL 6 (which is still supported):
- Install tuxad repo for RHEL 5: rpm -i http://www.tuxad.de/repo/5/tuxad.rpm
- Update packages: yum update
More details can be found here:
www.tuxad.de/blog/archives/2014/11/19/openssl_updatesenhancements_for_rhel__centos_5
www.tuxad.de/blog/archives/2018/07/21/tuxad_rh5_repo_now_with_phpopenssl1
This repo contains several packages which are rebuild against OpenSSL 1:
- httpd (also include other enhancements like ECDH support)
- postfix
- dovecot
- curl
- lynx
- mutt
- vsftpd
- w3m
- wget
- php
- php from RHEL 6 backported (in separate repo "tuxad-php")
answered Jul 29 '18 at 15:17
reichhartreichhart
21525
answered Jul 29 '18 at 15:17
reichhartreichhart
21525
answered Jul 29 '18 at 15:17
reichhartreichhart
21525
answered Jul 29 '18 at 15:17
reichhartreichhart
21525
21525
Dear God, WHY? Let it fade into the dustbin of history where it belongs.
– Michael Hampton♦
Jul 29 '18 at 15:23
:-) Well, sometimes there are requirements for this. Right now I was not able to install RHEL 7 on my router - or at least not able to install it RUNNABLE. And right now I still don't understand why an init system requires some bloat like a QR encoding library. ;-)
– reichhart
Aug 11 '18 at 18:26
add a comment |
Dear God, WHY? Let it fade into the dustbin of history where it belongs.
– Michael Hampton♦
Jul 29 '18 at 15:23
:-) Well, sometimes there are requirements for this. Right now I was not able to install RHEL 7 on my router - or at least not able to install it RUNNABLE. And right now I still don't understand why an init system requires some bloat like a QR encoding library. ;-)
– reichhart
Aug 11 '18 at 18:26
Dear God, WHY? Let it fade into the dustbin of history where it belongs.
– Michael Hampton♦
Jul 29 '18 at 15:23
Dear God, WHY? Let it fade into the dustbin of history where it belongs.
– Michael Hampton♦
Jul 29 '18 at 15:23
:-) Well, sometimes there are requirements for this. Right now I was not able to install RHEL 7 on my router - or at least not able to install it RUNNABLE. And right now I still don't understand why an init system requires some bloat like a QR encoding library. ;-)
– reichhart
Aug 11 '18 at 18:26
:-) Well, sometimes there are requirements for this. Right now I was not able to install RHEL 7 on my router - or at least not able to install it RUNNABLE. And right now I still don't understand why an init system requires some bloat like a QR encoding library. ;-)
– reichhart
Aug 11 '18 at 18:26
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f715447%2fhow-to-enable-sni-with-apache-in-redhat-5-11%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
Might be time to do an OS upgrade.
– womble♦
Aug 20 '15 at 5:52
I never have experience on upgrading redhat 5 to 6. Will lots of things break?
– kenpeter
Aug 20 '15 at 5:56
RedHat provides a way to do an upgrade between majour releases, but they do not recommend using it. access.redhat.com/solutions/21964 The best thing would be to just install a fresh system and copy the data over.
– Gene
Aug 20 '15 at 6:02
1
RHEL 5 is in Production 3 phase. You should not be deploying anything new on it, as it will go EOL soon. Migrate to a new RHEL 7 server with a current Apache and OpenSSL version.
– Michael Hampton♦
Aug 20 '15 at 6:06
1
@kenpeter, if you think that's a nightmare just keep in mind it's a bigger nightmare to troubleshoot an unsupported software configuration. When things go wrong, and they will go wrong, you will have a hard time finding help for your shoe horned installation.
– Gene
Aug 20 '15 at 6:36