-
-
Save yanburman/2b287ac6d01ca133146721f415d1ce14 to your computer and use it in GitHub Desktop.
NGINX with (other location) static openssl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Static linking a shared OpenSSL .a to NGINX 1.9.10 so far got me into some trouble so here we go. | |
(Found/Know a better way? Go tell me, I would appreciate it a lot! :-)) | |
remove package libssl-dev before starting! | |
Get openssl, unpack to /tmp | |
# with-openssl= breaks it, therefor | |
mv /tmp/openssl /usr/pkg # yes, rename it. *dont* move it under pkg/ | |
Get nginx, unpack to /tmp | |
cd /tmp/nginx | |
create ./fixssl.sh and insert | |
OPENSSL_INSTALL_DIR=/opt/my-other-openssl-dir | |
OPENSSL_LIB_DIR="$OPENSSL_INSTALL_DIR/lib" | |
for FILE in "auto/lib/sha1/conf" "auto/lib/md5/conf" "auto/lib/openssl/conf" | |
do | |
TFILE=`mktemp /tmp/fix.XXXXXXXXXX` | |
sed -e "s|-lssl|$OPENSSL_LIB_DIR/libssl.so|g" "$FILE" > "$TFILE" | |
mv "$TFILE" "$FILE" | |
TFILE=`mktemp /tmp/fix.XXXXXXXXXX` | |
sed -e "s|-lcrypto|$OPENSSL_LIB_DIR/libcrypto.so|g" "$FILE" > "$TFILE" | |
mv "$TFILE" "$FILE" | |
done | |
save, close. | |
bash fixssl.sh | |
./configure --with-ld-opt="-static" --with-debug --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --with-pcre --with-mail --with-mail_ssl_module --error-log-path=/var/log/nginx.log --http-log-path=/var/log/nginx.access.log --http-client-body-temp-path=/tmp/nginx_client --http-proxy-temp-path=/tmp/nginx_proxy --http-fastcgi-temp-path=/tmp/nginx_fastcgi --without-http_scgi_module --without-http_uwsgi_module --with-stream --with-stream_ssl_module --with-ld-opt="-Wl,--gc-sections" --with-ld-opt="-L/opt/my-other-openssl-dir/lib /opt/my-other-openssl-dir/lib/libssl.a -ldl" --with-ld-opt="-Wl,-s" | |
make -j 20 | |
# objdump -p objs/nginx|grep NEEDED|grep -i ssl | |
NEEDED libssl.so.1.0.0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment