Last active
July 11, 2019 12:18
-
-
Save c9pr3/5417bba898341c18c205 to your computer and use it in GitHub Desktop.
NGINX with (other location) static openssl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Static linking a shared OpenSSL .a to NGINX 1.9.10 so far got me into some trouble so here we go. | |
(Found/Know a better way? Go tell me, I would appreciate it a lot! :-)) | |
remove package libssl-dev before starting! | |
Get openssl, unpack to /tmp | |
# with-openssl= breaks it, therefor | |
mv /tmp/openssl /usr/pkg # yes, rename it. *dont* move it under pkg/ | |
Get nginx, unpack to /tmp | |
cd /tmp/nginx | |
create ./fixssl.sh and insert | |
OPENSSL_INSTALL_DIR=/opt/my-other-openssl-dir | |
OPENSSL_LIB_DIR="$OPENSSL_INSTALL_DIR/lib" | |
for FILE in "auto/lib/sha1/conf" "auto/lib/md5/conf" "auto/lib/openssl/conf" | |
do | |
TFILE=`mktemp /tmp/fix.XXXXXXXXXX` | |
sed -e "s|-lssl|$OPENSSL_LIB_DIR/libssl.so|g" "$FILE" > "$TFILE" | |
mv "$TFILE" "$FILE" | |
TFILE=`mktemp /tmp/fix.XXXXXXXXXX` | |
sed -e "s|-lcrypto|$OPENSSL_LIB_DIR/libcrypto.so|g" "$FILE" > "$TFILE" | |
mv "$TFILE" "$FILE" | |
done | |
save, close. | |
bash fixssl.sh | |
./configure --with-ld-opt="-static" --with-debug --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --with-pcre --with-mail --with-mail_ssl_module --error-log-path=/var/log/nginx.log --http-log-path=/var/log/nginx.access.log --http-client-body-temp-path=/tmp/nginx_client --http-proxy-temp-path=/tmp/nginx_proxy --http-fastcgi-temp-path=/tmp/nginx_fastcgi --without-http_scgi_module --without-http_uwsgi_module --with-stream --with-stream_ssl_module --with-ld-opt="-Wl,--gc-sections" --with-ld-opt="-L/opt/my-other-openssl-dir/lib /opt/my-other-openssl-dir/lib/libssl.a -ldl" --with-ld-opt="-Wl,-s" | |
make -j 20 | |
# objdump -p objs/nginx|grep NEEDED|grep -i ssl | |
NEEDED libssl.so.1.0.0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment