Manually Installing Stronghold CMS

Install Apache and PHP

Ubuntu Server

Ubuntu Server 6.0.6 LTS (Dapper)

There is a current documented and unresolved issue with the version of Apache and mod_auth_ntlm_winbind. The NTLM authentication works fine with Firefox, but not with Internet Explorer. Please refer to the Compiling Apache from Source guide.

Redhat Enterprise


Please refer to the Compiling Apache from Source guide.



Configure SSL

You will require an SSL certificate for each domain. Obtaining an SSL certificate is a 3 step process

  1. Have your CSR Signed (which will give you the certificate)

Or on Ubuntu you can cheat with:

sudo apache2-ssl-certificate -days 365

Generate a Certificate Signing Request (CSR)

openssl genrsa -out 1024
openssl req -new -key -out

Have Your CSR Signed

If you'd like to create your own Certificate Authority, you can follow the Creating a Certificate Authority guide.

Commercial options include: is the Open Source world's Certificate Authority. It's not recognized by Microsoft Internet Explorer.

Install Your Certificate and Key

Stronghold's installer will generate your Apache configuration for you, you just need to paste it into your apache configuration files :) You may need to tweak the paths for your SSL certificate/key.

You need to copy your certificate and key to Apache's configuration folder in /etc. In Ubuntu server this is /etc/apache2/ssl

cp /opt/CA/ /etc/apache2/ssl
cp /opt/CA/ /etc/apache2/ssl
chmod 400 /etc/apache2/ssl/*

Install mod_auth_nltm_winbind

mod_auth_ntlm_winbind provides Stronghold's authentication mechanism.

Install Kerberos, Samba, and Winbind

Install the packages for your distribution (below), and then follow the configuration guide at:

Ubuntu Server

You will need to enable the universe repository to get the heimdal-clients package.

aptitude install heimdal-clients libpam-heimdal samba winbind 

Set the permissions on winbindd_privileged

groupadd winbindd_priv
usermod -a -G winbindd_priv www-data
chown .winbindd_priv /var/run/samba/winbindd_privileged/

Redhat Enterprise

Install mod_auth_ntlm_winbind

Download the module from Samba's subversion repository.

svn co svn:// mod_auth_ntlm_winbind

Install the module with:

apxs2 -DAPACHE2 -c -i mod_auth_ntlm_winbind.c

Add the following line to your Apache configuration file to load the module:

LoadModule auth_ntlm_winbind_module /usr/lib/apache2/modules/

The Apache configuration information for each domain will be generated for you automatically by install.php

More information and troubleshooting can be found at:

You will need to set the permissions properly on winbindd_privileged. See

If you run into problems, it may help to make sure the daemons are started in the correct order. The following could be added to script.

/etc/init.d/apache2 stop
/etc/init.d/winbind stop
/etc/init.d/samba stop
/etc/init.d/samba start
/etc/init.d/winbind start
/etc/init.d/apache2 start

Install your Database Server

Download and Install Stronghold CMS

You will need to download and install some PEAR dependancies.

pear upgrade pear
pear install Mail Mail_Mime Net_SMTP channel://

Download the package from

Stronghold CMS is still in Beta, until the first official release you will need to check out the source from Subversion.

Change to the domain name for the site.

aptitude install subversion
svn co

Extract Stronghold CMS to the folder you want it installed in. Change directory to the _tools directory and run:

php install.php
installation/manual.txt · Last modified: 2008/12/03 04:07 (external edit)
Recent changes RSS feed Creative Commons License Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki