In the early 90s most of the inter-network communications done by Internet protocols such as IMAP, SMTP, HTTP, FTP, LDAP, SNMP and POP was unencrypted. This basically means that even though applications using those protocols used similar authentication methodologies as today (requiring valid UserIDs & Passwords), those critical credential info used to be sent unencrypted over the network. In other words, UserIDs & Passwords used to be sent in plain text format over the network from one system to another.
Since this made it very easy for intruders (bad guys) to crack supposedly secured systems by simply sniffing the network for potential credentials to use, Netscape came up with SSL (Secure Socket Layer v1 & v2, a cryptographic protocol that provides communication security over the Internet Protocol) back in February of 1995. Eventually this solution has evolved into TLS (Transport Layer Security).
OpenSSL is a robust, commercial-grade, fully featured encryption software that implements SSL v2/v3 and TLS v1 protocols. It is developed and maintained by OpenSSL Project and it is widely used by open source communities and even by some commercial systems. If you’re a Linux user of any capacity (either a simple user or a System Admin) you are most likely familiar with OpenSSL, so continue reading.
Apache Web-Server is one of the most widely used web-servers around the globe. Thus, the Internet is overloaded with countless of techniques regarding deploying and configuring this world class web-server. On this blog for instance, you may find a well written one published by Matthew Harman, a brilliant IT Professional and writer. I personally like Matthew’s approach as discussed in his article. However, because I have promised in the PART-2 of a series of articles I have published here regarding Virtualization With XEN Hypervizor On CentOS 5.8 that was going to write PART-3 dealing with web-server setups, I have decided to keep my word and share an approach that I have adopted when it comes to deploying Apache (httpd) servers.
In the referred virtualization article I said that on PART-3 of the series I was going to show how to configure and optimize CentOS/RedHat/Fedora for web-services. However I have decided not to do that because another writer has already published an article that delve with that subject. Though his article didn’t include everything I wanted to address, I must admit that I enjoyed reading his article. Again, when it comes to setting up OS configuration and optimization for web-servers, I have adopted a slightly different approach than the other writer’s approach, but I still recognized the valuable insights that he shared on his writing. Thus, I am not longer sharing anything regarding OS setups for web-services as promised. However, in this article I am jumping one step forward by delving with Optimizing and Building Apache Web-Server on CentOS/RedHat/Fedora.
In the first article of these series “Setting up a LPYR PART1”, I essentially delved with how to setup a LPYR. That is I provided you with clear and comprehensive 11 steps that you may follow and have a LPYR ready.
In this article, I intend to illustrate a couple of things:
1) How to generate GPG signature that can be used to sign RPM packages.
2) How to build RPM packages (both source rpm as well as binary rpm) from source code and spec files.
Instead of bugging you with persuasive arguments pertaining to the benefits of what I am about to demonstrate, I would rather give you a quick run down (step-by-step) instructions to reach the above cited objectives. Then, in my closing statement, I will present you with a group of people who may benefit from going through the pain of following these step-by-step instructions.
For the purpose of this lab, please, do not use a privileged account such as root. Use any other regular account: if you don’t have one available, create one on the fly.