We are trying to run simplesamlphp as an SP on RedHat Linux 7. The code is failing with a HP Fatal error:
Call to undefined function mcrypt_module_open().
simplesamlphp uses xmlseclibs 1.3.1, which in turn uses mcrypt, and mcrypt is not supported on RedHat Linux 7. Has anyone found a way to get around this problem? Is this a version of xmlseclibs that does not use mcrypt, or a version of simplesamlphp that does not use xmlseclibs?
On
I cant answer your question completely but we are also trying to get simplesamlphp to work on RedHat7. No luck. We have to install php56 or we have issues. In order to get php56 to work with provided Apache in RedHat7 I had to get it from here: http://developers.redhat.com/products/softwarecollections/get-started-rhel7-php/ and hack the default php.conf under /etc/http/conf.d/ to look like this.
#<FilesMatch \.php$>
# SetHandler application/x-httpd-php
#</FilesMatch>
# Redirect to local php-fpm is mod_php not available
<IfModule !mod_php5.c>
<FilesMatch \.php$>
SetHandler "proxy:fcgi://127.0.0.1:9000"
</FilesMatch>
</IfModule>
#
I currently have the simplesaml web page working again but under the configuration tab of simplesamlphp I see I no longer have MCrypt or MySQL support or LDAP Extension working. I had to have everything working in order for simplesaml to work kinda. We had issues that they say are fixed if we run php56. I did try to remove all default RedHat7 php and downloaded php56 from https://webtatic.com/packages/php56/ and had simplesaml working like it should but I just don't trust third party software builds for the production systems.
Hope this helps someone.
You should be able to install the php-mcrypt extension from the Fedora project repo:
Check the versions available, above is just an example.
As a note, SimpleSAMLphp requires mcrypt for encrypting assertions only. See SimpleSAMLphp prerequisites: https://simplesamlphp.org/docs/1.5/simplesamlphp-install#section_3