Actions

Help

Difference between revisions of "Install:OpenLiteSpeed with SPDY Installation Notes"

From OpenLiteSpeed Wiki

(Install OpenSSL 1.0.1 through yum)
(Install OpenSSL 1.0.1 through yum)
Line 1: Line 1:
 
== Install OpenSSL 1.0.1 through yum ==
 
== Install OpenSSL 1.0.1 through yum ==
SPDY requires OpenSSL 1.0.1 or higher. You can do yum installation <code>yum install openssl-devel</code> if system default package version meets the requirement (Currently CentOS 6 and 7 come with OpenSSL 1.0.1 or above). You can check OpenSSL version by running the command <code>yum search openssl-devel</code> before the package installed or running the command <code>openssl version</code> if the package has been installed. <code>/usr</code> is the default path to OpenSSL and <code>/usr/openssl</code> is the name of OpenSSL directory.
+
SPDY requires OpenSSL 1.0.1 or higher. You can do yum installation <code>yum install openssl-devel</code> if system default package version meets the requirement (Currently CentOS 6 and 7 come with OpenSSL 1.0.1 or above). You can check OpenSSL version by running the command <code>yum search openssl-devel</code> before the package installation or running the command <code>openssl version</code> if the package has been installed. <code>/usr</code> is the default path to OpenSSL and <code>/usr/openssl</code> is the name of OpenSSL directory.
  
 
== Install OpenSSL 1.0.1 through source code ==
 
== Install OpenSSL 1.0.1 through source code ==

Revision as of 14:18, 22 October 2014

Install OpenSSL 1.0.1 through yum

SPDY requires OpenSSL 1.0.1 or higher. You can do yum installation yum install openssl-devel if system default package version meets the requirement (Currently CentOS 6 and 7 come with OpenSSL 1.0.1 or above). You can check OpenSSL version by running the command yum search openssl-devel before the package installation or running the command openssl version if the package has been installed. /usr is the default path to OpenSSL and /usr/openssl is the name of OpenSSL directory.

Install OpenSSL 1.0.1 through source code

If your system does not have a high enough version of OpenSSL, it can be downloaded from the OpenSSL site. (Specifically, CentOS 5 does not come with OpenSSL 1.0.1.)

Upgrading OpenSSL can cause problems in your system, so it is not recommended to replace your current version of OpenSSL if you have a version lower than 1.0.1. Instead, we recommend that you install OpenSSL in a separate directory where it can be used specifically for OpenLiteSpeed. You need to be careful when doing this so that OpenLiteSpeed will be able to find all the files it needs when installing. Use the following steps:

  1. Download and unpack a newer version of OpenSSL from the OpenSSL site.
  2. From inside the unpacked package, run the commands:
./config --prefix=/usr/local --openssldir=/usr/local/openssl
make
make install
/usr/local is the path to your new OpenSSL directory and /usr/local/openssl is the name of your new OpenSSL directory. You can put your new version of OpenSSL wherever you want, but you need to stipulate the directory name and name it oppenssl. This is how OpenLiteSpeed will know where to look for the right files.

Install OpenLiteSpeed with spdy enabled

After openssl-devel package installed, You can then direct OpenLiteSpeed to this directory during installation of OpenLiteSpeed. Use the --with-openssl configuration option shown below:

./configure --with-openssl=/usr --enable-spdy ( for your yum installation ) 
make
make install
or
./configure --with-openssl=/usr/local --enable-spdy ( for your customized installation)
make
make install

The above series of commands directs OpenLiteSpeed to look for your copy of OpenSSL in /usr or /usr/local depend on your installation. You can customize this to wherever you have installed OpenSSL 1.0.1. The above series also enables SPDY support. This is discussed in the next section.

Enabling SPDY

OpenLiteSpeed's SPDY module is not compiled in by default. To add SPDY support, you need to add the configuration option --enable-spdy as shown above when you build a new binary.

Once the SPDY module is built in, you turn on SPDY using the Enable SPDY setting in the Listeners tab in the WebAdmin console (WebAdmin console > Configuration > Listeners > SSL). In this setting, you can enable SPDY/2 and/or SPDY/3 or disable SPDY altogether. Both SPDY/2 and SPDY/3 are enabled by default.