Help:Install:OpenLiteSpeed with SPDY Installation Notes

Revision as of 22:12, 23 August 2013 by Marmstrong (talk | contribs) (Install OpenSSL 1.0.1)
Revision as of 22:12, 23 August 2013 by Marmstrong (talk | contribs) (Install OpenSSL 1.0.1)

Install OpenSSL 1.0.1

SPDY requires OpenSSL 1.0.1 or higher. You can check your OpenSSL version by running the command openssl version. If your system does not have a high enough version of OpenSSL, it can be downloaded from the OpenSSL site. (Specifically, CentOS 5 and CentOS 6 do not come with OpenSSL 1.0.1.)

Upgrading OpenSSL can cause problems in your system, so it is not recommended to replace your current version of OpenSSL if you have a version lower than 1.0.1. Instead, we recommend that you install OpenSSL in a separate directory where it can be used specifically for OpenLiteSpeed. You need to be careful when doing this so that OpenLiteSpeed will be able to find all the files it needs when installing. Use the following steps:

  1. Download and unpack a newer version of OpenSSL from the OpenSSL site.
  2. From inside the unpacked package, run the commands:
./config --prefix=/usr/local/ --openssldir=/usr/local/openssl
/usr/local/ is the path to your new OpenSSL directory and /usr/local/openssl is the name of your new OpenSSL directory. You can put your new version of OpenSSL wherever you want, but you need to stipulate the directory name and name it oppenssl. This is how OpenLiteSpeed will know where to look for the right files.

You can then direct OpenLiteSpeed to this directory during installation of OpenLiteSpeed. Use the --with-openssl configuration option shown below:

./configure --prefix=/usr/local --with-openssl=/usr/local/ --enable-spdy
make install

The above series of commands directs OpenLiteSpeed to look for your copy of OpenSSL in /usr/local/. You can customize this to wherever you have installed OpenSSL 1.0.1. The above series also enables SPDY support. This is discussed in the next section.

Enabling SPDY

OpenLiteSpeed's SPDY module is not compiled in by default. To add SPDY support, you need to add the configuration option --enable-spdy as shown above when you build a new binary.

Once the SPDY module is built in, you turn on SPDY using the Enable SPDY setting in the Listeners tab in the WebAdmin console (WebAdmin console > Configuration > Listeners > SSL). In this setting, you can enable SPDY/2 and/or SPDY/3 or disable SPDY altogether. Both SPDY/2 and SPDY/3 are enabled by default.