Home
Installing SSL Explorer on FreeBSD 6.x
Submitted by Bram Schoenmakers on 13 June, 2008 - 15:58.
Tagged:  •  

SSL Explorer is a Java based SSL VPN solution. It supports FreeBSD, but things seem to be a bit outdated by now and installing it is not really straight-forward. After a little of fiddling I came to these steps to install SSL Explorer on FreeBSD 6.3:

  1. Install the Diablo Java implementation, to be found in the ports: java/diablo-jre15.
  2. Install the port misc/compat4x. Omitting this step got me a bunch of Undefined symbol errors or missing libraries.
    /usr/libexec/ld-elf.so.1: Shared object "libm.so.2" not found, required by "wrapper"
  3. Download the generic UNIX version of SSL Explorer at their site.
  4. Extract the sslexplorer.tar.gz and put it in /usr/local/sslexplorer. You may want to install it somewhere else, but the next steps will assume this path.
  5. The SSL installation steps should work right away:
    # cd /usr/local/sslexplorer
    # ./install-sslexplorer

    Now you can point your browser to: http://example.com:28080 .
    Create the SSL certificate and create an administrator account.

  6. Assuming you're still in the SSL Explorer prefix:
    cp install/platforms/freebsd/* lib
  7. Edit the file conf/wrapper.conf. Make sure it has the following values set:
    wrapper.java.command=/usr/local/bin/java
    wrapper.java.classpath.1=/usr/local/sslexplorer/build/boot
    wrapper.java.classpath.2=/usr/local/sslexplorer/lib/sslexplorer-boot.jar
    wrapper.java.library.path.1=/usr/local/sslexplorer/lib

    8. Probably the prefixes are missing in the original file.

  8. Now we have to install an init script, so that we can start SSL Explorer:
    # cd /usr/local/etc/rc.d
    # ln -s /usr/local/sslexplorer/install/platforms/linux/sslexplorer sslexplorer.sh

    So it's important not to copy the script, but to make a symbolic link. The wrapper script resolves the path of where the link is pointing to in order to determine the SSL Explorer prefix.

  9. It's time to start the SSL Explorer. In theory, nothing can go wrong now Smile.
    # /usr/local/etc/rc.d/sslexplorer.sh start

Update 17 July 2008:
It is safe to repeat step 5 above if you wish to change your key. However, this step does not only involve creating a new key, but also setting up an admin account and other basic stuff (again).

Make sure the SSL Explorer service is shut down, otherwise the install command won't work.