Chapter 3. Installation

Table of Contents

1. Preparations
1.1. Software
1.2. Hardware
2. Configure
2.1. Host System Configuration
2.2. Filesystem paths
2.3. Webserver specific stuff
2.4. Email
2.5. Compiling features
3. Installation
4. config.xml (for RPMs and DEBs too)
4.1. Configuration sections of config.xml
4.2. How to setup two management interfaces on one server?

1. Preparations

1.1. Software

OpenCA is not a complete monolithic system. It uses several software products from other developers of the Open Source community. The following things are used:
  • Apache

  • mod_ssl

  • OpenSSL

  • OpenLDAP

  • Perl

We use a lot of different Perl modules. Beginning with OpenCA 0.9.2 we no longer install all foreign modules. This is the normal behaviour of every Open Source project. The following should give you an overview about the required modules. Please note that you must install at minimum the listed version because some earlier versions like for example Net::Server include serious bugs.

Table 3.1. External Perl modules

ModuleVersionComment
Authen::SASL2.04 required by Net::LDAP for SASL authentication - if you do not use SASL then you do not need it
CGI::Session3.95required for our own session handling
Convert::ASN10.18???
Digest::HMAC1.01required by Authen::SASL
Digest::MD52.24this is usually part of Perl itself
Digest::SHA12.02required by OpenCA itself
Encode::Unicode???required by OpenCA for the internationalization stuff
IO::Socket::SSL0.92???
IO::stringy2.108???
MIME::Base642.20required for Base64 encoding and decoding
MIME::Lite3.01required for OpenCA mail handling
MIME-tools5.411required for OpenCA mail handling
MailTools1.58required for OpenCA mail handling
Net-Server0.86required for OpenCA daemon - the version is important
Parse::RecDescent1.94required by X500::DN
URI1.23???
X500::DN0.28we use a modified version here
XML::Twig3.09used for XML parsing

Warning

Please read the file README in the distribution of XML::Twig which you use really carefully. There are several incompatibilities with some versions of XML::Parser and expat. The used version of Perl is heavily important too.

libintl-perl1.10this is our interface for the i18n stuff
perl-ldap0.28Perl's LDAP interface

1.2. Hardware

OpenCA was tested on several softwarearchitectures but not on so many hardware architectures. Therefore we publish a list of used hardware. Please remember that OpenCA can be used on any system which support Apache, mod_ssl, OpenSSL and Perl. So if you have Unix box then it is usually possible to run an OpenCA on it.
  • i386 with Linux, FreeBSD, OpenBSD and NetBSD

  • UltraSparc with Solaris 8 and Linux

  • PowerPC with AIX