Server Name Indication (SNI) on Debian Lenny is easy to implement. OpenSSL is already SNI-capable, only the Apache Webserver is a bit outdated. So lets backport Apache >= 2.2.12 to Lenny. Here is my little step-by-step howto:
Install a compiler an the debian dpkg-Development Environment:
$ sudo aptitude install dpkg-dev build-essential fakeroot |
To build apache, you will nee libcap2-dev and autoconf too:
$ sudo aptitude install libcap2-dev autoconf |
…and the build dependencies for apache2:
$ sudo apt-get build-dep apache2 |
Download the Apache 2.2.14 sources for the current testing release from http://packages.debian.org/source/squeeze/apache2:
$ wget http://ftp.de.debian.org/debian/pool/main/a/apache2/apache2_2.2.14-1.dsc $ wget http://ftp.de.debian.org/debian/pool/main/a/apache2/apache2_2.2.14.orig.tar.gz $ wget http://ftp.de.debian.org/debian/pool/main/a/apache2/apache2_2.2.14-1.diff.gz |
Extract the source packages:
$ dpkg-source -x apache2_2.2.14-1.dsc |
Compile the package:
$ cd apache2-2.2.14/ $ dpkg-buildpackage -us -uc -rfakeroot |
(-us and -uc supresses the digital signature, fakeroot allows to set the ownership of the archived files to root, even if you are not root currently)
Install the desired apache packets:
$ cd ../ $ dpkg -i apache2_2.2.14-1_i386.deb apache2.2-bin_2.2.14-1_i386.deb apache2.2-common_2.2.14-1_i386.deb apache2-mpm-prefork_2.2.14-1_i386.deb apache2-suexec_2.2.14-1_i386.deb apache2-utils_2.2.14-1_i386.deb |
Finally, remove the packages you installed to build the apache2-packages.
