Cannot make on Centos 5 with SSL

Chris Savery chrissavery at gmail.com
Fri Aug 15 23:18:36 MSD 2008 

Thank you very much for that. It did the trick and I was able to build 
easily then.

My next problem seems to be that SSL doesn't want to work. Here is my 
conf that I'm testing with - I have another server on port 443 so I'm 
testing on 1443 here. But I cannot connect - just says connecting and 
then never seems to get it. Nginx is werving fine on non-ssl though. No 
messages in error log but at first it said cannot bind as I mistakenly 
tried using port 443. Then I changed that.

If you see anything obvious here please let me know as I plug away on it.
Chris :)

server {
        listen  74.223.185.26:1443;
        server_name  mydomain.com www.mydomain.com n1.mydomain.com;
        root    /var/www/mydomain/adminX;

        ssl                  on;
        ssl_certificate      /var/local/ssl/certs/wild.mydomain.crt;
        ssl_certificate_key  /var/local/ssl/private/wild.mydomain.key;

        ssl_session_timeout  5m;

        ssl_protocols  SSLv2 SSLv3 TLSv1;
        ssl_ciphers  
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
        ssl_prefer_server_ciphers   on;

        location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; include 
fastcgi_params; }
    }


Igor Sysoev wrote:
> On Fri, Aug 15, 2008 at 07:58:01PM +0700, Chris Savery wrote:
>
>   
>> I have successfully built and tested nginx on Ubuntu at home and want to 
>> now test it on my real server running Centos 5. I can build without ssl 
>> option fine and it all works.
>>
>> Now I want to build with ssl. I have provided the correct options afaik 
>> and it configures ok but during the build it gives the errors below 
>> (actually a huge list of linker errors but I cut just the first bit):
>>
>> -- snip snip --
>>    objs/src/http/modules/ngx_http_browser_module.o \
>>    objs/src/http/modules/ngx_http_upstream_ip_hash_module.o \
>>    objs/ngx_modules.o \
>>    -lcrypt -lpcre /usr/lib/libssl.a /usr/lib/libcrypto.a -ldl -lz
>> /usr/lib/libssl.a(kssl.o): In function `get_rc_clockskew':
>> (.text+0x111): undefined reference to `krb5_rc_default'
>> /usr/lib/libssl.a(kssl.o): In function `get_rc_clockskew':
>> (.text+0x12c): undefined reference to `krb5_rc_initialize'
>> /usr/lib/libssl.a(kssl.o): In function `get_rc_clockskew':
>> -- snip snip --
>>
>> Here is the configure line:
>> ./configure --with-openssl=/usr/lib --with-http_ssl_module 
>> --conf-path=/etc/nginx/nginx.conf --with-md5=auto/lib/md5 
>> --with-sha1=auto/lib/sha1
>>
>> seems like something wrong between krb5 and openssl. I checked that both 
>> were updated with yum but I don't know what to look at next.
>>     
>
> --with-openssl=, --with-md5=, and --with-sha1= must point to directory with
> library sources. Remove them: nginx's configure will find all by itself.
>
>
>   

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20080816/8585dbe1/attachment.html>

More information about the nginx mailing list