How to enable Server Name Indication (SNI) on Debian Lenny

Server Name Indication (SNI) on Debian Lenny is easy to implement. OpenSSL is already SNI-capable, only the Apache Webserver is a bit outdated. So lets backport Apache >= 2.2.12 to Lenny. Here is my little step-by-step howto:

Install a compiler an the debian dpkg-Development Environment:

$ sudo aptitude install dpkg-dev build-essential fakeroot

To build apache, you will nee libcap2-dev and autoconf too:

$ sudo aptitude install libcap2-dev autoconf

…and the build dependencies for apache2:

$ sudo apt-get build-dep apache2

Download the Apache 2.2.14 sources for the current testing release from http://packages.debian.org/source/squeeze/apache2:

$ wget http://ftp.de.debian.org/debian/pool/main/a/apache2/apache2_2.2.14-1.dsc
$ wget http://ftp.de.debian.org/debian/pool/main/a/apache2/apache2_2.2.14.orig.tar.gz
$ wget http://ftp.de.debian.org/debian/pool/main/a/apache2/apache2_2.2.14-1.diff.gz

Extract the source packages:

$ dpkg-source -x apache2_2.2.14-1.dsc

Compile the package:

$ cd apache2-2.2.14/
$ dpkg-buildpackage -us -uc -rfakeroot

(-us and -uc supresses the digital signature, fakeroot allows to set the ownership of the archived files to root, even if you are not root currently)

Install the desired apache packets:

$ cd ../
$ dpkg -i apache2_2.2.14-1_i386.deb apache2.2-bin_2.2.14-1_i386.deb apache2.2-common_2.2.14-1_i386.deb apache2-mpm-prefork_2.2.14-1_i386.deb apache2-suexec_2.2.14-1_i386.deb apache2-utils_2.2.14-1_i386.deb

Finally, remove the packages you installed to build the apache2-packages.

5 Antworten auf „How to enable Server Name Indication (SNI) on Debian Lenny“

  1. Hi,
    I just tested it and it works with the version in squeeze really nice 🙂
    (The version is now apache2_2.2.15-2 btw)

    I just had to trick a bit with dependencys(i need to force ignore them) and i had to change the install order but otherwhise its a great tutorial.

    Thanks.

    Sincerely,
    Stephan

  2. Hi,
    Great tutorial. Meanwhile apache2 downloadable seems to be 2_2.16.

    The number of broken dependencies possibly grew:
    debian unmet build dependencies libssl-dev debhelper libaprutil1-dev libcap-dev apache2

    I get lots of warnings, primarly the following, thousand of times:
    warning: deferencing type-punned pointer will break strict-aliasing rules

    The build stops with this message:
    sh: dh_bugfiles: command not found
    make: *** [install] Error 127
    dpkb-buildpackage: failure: fakeroot debian/rules binary gave error exit status 2

    Any idea how to solve that would be great. I wouldn’t mind building apache 2_2.15 if available…

    Thanks and regards
    alex

  3. I downloaded 2_2.14 and apache finally says „it works“! Great tutorial, it really works! Regards alex

Kommentare sind geschlossen.