Actions

Help

Difference between revisions of "Install:OpenLiteSpeed with SPDY Installation Notes"

From OpenLiteSpeed Wiki

m (Removed Help Category.)
 
(32 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 +
When compiled from source, OpenLiteSpeed does not have SPDY support compiled by default. SPDY support must be [[Help:Install:OpenLiteSpeed_with_SPDY_Installation_Notes#Install OpenLiteSpeed with SPDY enabled|specifically enabled]] when compiling.
 +
 +
Compiling SPDY requires OpenSSL 1.0.1 or higher. Many, but not all, operating systems come with a high enough version of OpenSSL. (Specifically, CentOS 5 is shipped with OpenSSL 0.9.8.) This wiki will take you through the steps for checking your OpenSSL version, installing a newer version (if necessary), and compiling OpenLiteSpeed with SPDY.
 +
 +
If you [[Help:Repositories|install OpenLiteSpeed from one of our repositories]], SPDY will be compiled and enabled (and can be used) by default, even if you have CentOS 5.
 +
 +
__TOC__
 +
 +
== Check OpenSSL version ==
 +
 +
You can check your current OpenSSL version by running the command <code>openssl version</code>.
 +
 
== Install OpenSSL 1.0.1 ==
 
== Install OpenSSL 1.0.1 ==
SPDY requires OpenSSL 1.0.1 or higher. If your system does not have a high enough version of OpenSSL, it can be downloaded from the [http://www.openssl.org/source/ OpenSSL site]. Specifically, CentOS 5 and CentOS 6 do not come with OpenSSL 1.0.1.
+
If your system does not have a high enough version of OpenSSL, it can be downloaded from the [http://www.openssl.org/source/ OpenSSL site].  
 +
 
 +
Upgrading OpenSSL can cause problems in your system, so it is not recommended to replace your current version of OpenSSL if you have a version lower than 1.0.1. Instead, we recommend that you install OpenSSL in a separate directory where it can be used specifically for compiling OpenLiteSpeed. You need to be careful when doing this so that OpenLiteSpeed will be able to find all the files it needs when installing. Use the following steps:
  
Upgrading OpenSSL can cause problems in your system, so it is not recommended to replace your current version of OpenSSL if you have a version lower than 1.0.1. Instead, we recommend that you install OpenSSL in a separate directory where it can be used specifically for OpenLiteSpeed. You can then direct OpenLiteSpeed to this directory during installation of OpenLiteSpeed. Use the <code>--openssldir</code> configuration option shown below:
+
# Download and unpack a newer version of OpenSSL from the [http://www.openssl.org/source/ OpenSSL site].
 +
# From inside the unpacked package, run the commands:
 +
<blockquote><pre>
 +
./config --prefix=/usr/local --openssldir=/usr/local/openssl
 +
make
 +
make install
 +
</pre></blockquote>
 +
<blockquote><code>/usr/local</code> is the path to your new OpenSSL directory and <code>/usr/local/openssl</code> is the name of your new OpenSSL directory. You can put your new version of OpenSSL wherever you want, but you need to stipulate the directory name and name it <code>oppenssl</code>. This is how OpenLiteSpeed will know where to look for the right files.</blockquote>
 +
 
 +
== Install OpenLiteSpeed with SPDY enabled ==
 +
 
 +
When [[Help:Install:Command_Line|building OpenLiteSpeed]], use the <code>--enable-spdy</code> option to build OpenLiteSpeed with SPDY enabled. When building with SPDY enabled, you must stipulate where your installation of OpenSSL is using the <code>--with-openssl</code> configuration option shown below:
  
 
<blockquote><pre>
 
<blockquote><pre>
./configure --prefix=/usr/local --openssldir=/usr/local/openssl --enable-spdy
+
./configure --with-openssl=/usr --enable-spdy  
 
make
 
make
 
make install
 
make install
 
</pre></blockquote>
 
</pre></blockquote>
  
The above series of commands directs OpenLiteSpeed to look for your copy of OpenSSL in <code>/usr/local/openssl</code>. You can customize this to wherever you have installed OpenSSL 1.0.1. The above series also enables SPDY support. This is discussed in the next section.
+
'''Note:''' The default OpenSSL location is <code>/usr</code>. If you installed another copy of OpenSSL in a different directory (such as in <code>/usr/local</code>, as directed above), be sure to direct OpenLiteSpeed to look for OpenSSL in the correct directory.
  
 
== Enabling SPDY ==
 
== Enabling SPDY ==
  
OpenLiteSpeed's SPDY module is not compiled in by default. To add SPDY support, you need to add the configuration option <code>--enable-spdy</code> as shown above when you build a new binary.
+
Once SPDY support has been built in, you turn on SPDY using the Enable SPDY setting in the Listeners tab of the WebAdmin console (WebAdmin console > Configuration > Listeners > SSL). In this setting, you can enable SPDY/2 and/or SPDY/3 or disable SPDY altogether. All versions are enabled by default.
 
 
Once the SPDY module is built in, you turn on SPDY using the Enable SPDY setting in the Listeners tab in the WebAdmin console (WebAdmin console > Configuration > Listeners > SSL). In this setting, you can enable SPDY/2 and/or SPDY/3 or disable SPDY altogether. Both SPDY/2 and SPDY/3 are enabled by default.
 
  
[[Category:Help]]
+
[[Category:SPDY]]

Latest revision as of 22:10, 13 December 2017

When compiled from source, OpenLiteSpeed does not have SPDY support compiled by default. SPDY support must be specifically enabled when compiling.

Compiling SPDY requires OpenSSL 1.0.1 or higher. Many, but not all, operating systems come with a high enough version of OpenSSL. (Specifically, CentOS 5 is shipped with OpenSSL 0.9.8.) This wiki will take you through the steps for checking your OpenSSL version, installing a newer version (if necessary), and compiling OpenLiteSpeed with SPDY.

If you install OpenLiteSpeed from one of our repositories, SPDY will be compiled and enabled (and can be used) by default, even if you have CentOS 5.

Check OpenSSL version

You can check your current OpenSSL version by running the command openssl version.

Install OpenSSL 1.0.1

If your system does not have a high enough version of OpenSSL, it can be downloaded from the OpenSSL site.

Upgrading OpenSSL can cause problems in your system, so it is not recommended to replace your current version of OpenSSL if you have a version lower than 1.0.1. Instead, we recommend that you install OpenSSL in a separate directory where it can be used specifically for compiling OpenLiteSpeed. You need to be careful when doing this so that OpenLiteSpeed will be able to find all the files it needs when installing. Use the following steps:

  1. Download and unpack a newer version of OpenSSL from the OpenSSL site.
  2. From inside the unpacked package, run the commands:
./config --prefix=/usr/local --openssldir=/usr/local/openssl
make
make install
/usr/local is the path to your new OpenSSL directory and /usr/local/openssl is the name of your new OpenSSL directory. You can put your new version of OpenSSL wherever you want, but you need to stipulate the directory name and name it oppenssl. This is how OpenLiteSpeed will know where to look for the right files.

Install OpenLiteSpeed with SPDY enabled

When building OpenLiteSpeed, use the --enable-spdy option to build OpenLiteSpeed with SPDY enabled. When building with SPDY enabled, you must stipulate where your installation of OpenSSL is using the --with-openssl configuration option shown below:

./configure --with-openssl=/usr --enable-spdy 
make
make install

Note: The default OpenSSL location is /usr. If you installed another copy of OpenSSL in a different directory (such as in /usr/local, as directed above), be sure to direct OpenLiteSpeed to look for OpenSSL in the correct directory.

Enabling SPDY

Once SPDY support has been built in, you turn on SPDY using the Enable SPDY setting in the Listeners tab of the WebAdmin console (WebAdmin console > Configuration > Listeners > SSL). In this setting, you can enable SPDY/2 and/or SPDY/3 or disable SPDY altogether. All versions are enabled by default.