Can't get Apache 2.2.21 to compile with OpenSSL support

Alright -- having a bad couple days here compiling Apache 2.2.21 on CentOS 5.7 with the following configure commands:

./configure --enable-ssl=shared --with-ssl=/usr/local/openssl

I've compiled from source OpenSSL 1.0.0e from source:

./config --prefix=/usr/local --openssldir=/usr/local/openssl shared zlib-dynamic

I attempt to start Apache and it returns:

httpd: Syntax error on line 54 of /usr/local/apache2/conf/httpd.conf: Cannot load /usr/local/apache2/modules/mod_ssl.so into server: /usr/local/apache2/modules/mod_ssl.so: undefined symbol: SSL_get_servername

If I look at how the libraries are linked, this is what I get:

[root@web1 modules]# ldd mod_ssl.so libssl.so.6 => /lib64/libssl.so.6 (0x00002aaaaace4000) libcrypto.so.6 => /lib64/libcrypto.so.6 (0x00002aaaaaf30000) libdl.so.2 => /lib64/libdl.so.2 (0x00002aaaab281000) libz.so.1 => /lib64/libz.so.1 (0x00002aaaab486000) libpthread.so.0 => /lib64/libpthread.so.0 (0x00002aaaab69a000) libc.so.6 => /lib64/libc.so.6 (0x00002aaaab8b5000) libgssapi_krb5.so.2 => /usr/lib64/libgssapi_krb5.so.2 (0x00002aaaabc0e000) libkrb5.so.3 => /usr/lib64/libkrb5.so.3 (0x00002aaaabe3c000) libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00002aaaac0d1000) libk5crypto.so.3 => /usr/lib64/libk5crypto.so.3 (0x00002aaaac2d4000) /lib64/ld-linux-x86-64.so.2 (0x0000555555554000) libkrb5support.so.0 => /usr/lib64/libkrb5support.so.0 (0x00002aaaac4f9000) libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00002aaaac702000) libresolv.so.2 => /lib64/libresolv.so.2 (0x00002aaaac904000) libselinux.so.1 => /lib64/libselinux.so.1 (0x00002aaaacb19000) libsepol.so.1 => /lib64/libsepol.so.1 (0x00002aaaacd32000)

Basically, I've tired compiling from source OpenSSL (both 0.9.8r and 1e), having yum reinstall from the repos, done a make clean and remade both OpenSSL and Apache numerous times -- but I can't get it to compile into the apache base or dynamically as a shared object file.

What am I doing wrong here?

Update 1:

After doing a make clean and make distclean, I've reconfigured with the same parameters as above without any effect.

The config.log is at Pastebin.

Update 2:

Modifying the LD_LIBRARY_PATH had no effect on the lib-deps of mod_ssl.so.

UPDATE 3:

I've compiled and recompiled many times, and verified with ldconfig that the OpenSSL libs dir is in my path, and included in ld.so.conf. Still cannot get httpd/mod_ssl to load the library at runtime.

No change with make clean and make distclean, but I have tried them before. config.log link is above.

export LD_LIBRARY_PATH=/usr/local/openssl/lib:$LD_LIBRARY_PATH, then recheck ldd.

basically, it looks like Apache's finding the right libraries at compile-time, but not at run-time. adjusting LD_LIBRARY_PATH will give your openssl libs precedence in the search path.

After modifying the LD_LIBRARY_PATH var, the results are the same.

That's correct. I've tried with --enable-so and without (and then compiling it into httpd). Either way do it, it will not load the libssl.so.* files no matter where they are when they're in the library path, and everything in between, trying builds of apache from 2.2.19-2.2.21 and openssl.0.9.8.r-1.0.0e.

It is compiling the mod_ssl.so file in modules/. I'm still executing ./configure --with-ssl=the/right/dir, and configure sees this at configure-time. Once it compiles, and we come to runtime, it doesn't link properly to the library dictated at compile time.

Correct, and OpenSSL has been compiled this way. Apache will not link the library to the libraries installed from compiling OpenSSL nor through yum and the CentOS repos.

You could try removing openssl-devel from your system and then try again. If you are compiling your own version of SSL, you likely don't need that. As a last resort, you can manually tell mod_ssl.so which library to use with this: nixos.org/patchelf.html

SELinux is disabled.

Fresh install of ScientificLinux 5.5 without openssl-devel.<br>openssl 1.0.0e<br>./Configure --prefix=/usr/local/openssl100e linux-elf shared; make install<br>cd /usr/local; ln -s openssl100e ssl<br>/sbin/ldconfig -v /usr/local/ssl/lib<br><br>Apache 2.2.21:<br>--prefix=/usr/local/apache --enable-so --enable-ssl --with-ssl=/usr/local/ssl and others.<br>bin/apachectl -M | grep ssl says "ssl_module (shared)"<br>Copied a generic server.crt and server.key into the conf directory, uncommented conf/extra/httpd-ssl.conf<br>/usr/local/servers/bin/apachect‌​l start worked and nmap shows 80 and 443 open.

Had the same problem it was resolved when doing the "/sbin/ldconfig -v /usr/local/openssl/lib" command. Although i had to use "sudo" and i had not compiled it in "/usr/local/openssl".