How to install the Community-Id "OpenId" server on Linux

Charles Roth, 14 Jan 2010       (Techblog top)

I. Introduction
OpenId is a sort of mass single-signon project that is widespread, open-source, convenient, and relatively safe.  It involves using a (or setting up your own) OpenId server, that users login to.  Once there, their browser gets a cookie that OpenId-compliant applications can use to detect a valid login has already occurred, and take users straight into the application w/o further authentication.

Community-Id is a (relatively) easy to use and install OpenId server, for folks who want to "roll their own".  General installation instructions are at  This guide extends and assists with those instructions.

I. Download
The current stable version is 1.2.1.  Download it from

Note that it requires PHP 5.2.4.

II. Create a userid to own the community-id site.

  1. Create a separate userid, e.g. "comid", to own the installation, with it's own home directory (e.g. /home/comid).
  2. chmod 711 /home/comid
  3. In that id, unpack the downloaded file (e.g. tar xvfz cid.1.2.1.tar.gz), which creates the communityid directory
  4. As root in the comid home directory, do chown -R comid:apache communityid.  (Assumes that your Apache web server runs as userid apache.)

III. Define a DNS Name
Select a DNS name for your OpenId server, e.g.

This guide assumes that you want to use the simplest OpenId form for your userids.  E.g. if my OpenId server is "", then user "roth" is just "".  This is great for your users, but it requires that the domain name is only useable for OpenId, i.e. you can't have any other service (like under that domain.

To make this work properly, you must define the DNS resolution for to redirect to  In the linux named server, for instance, your DNS definition would most likely contain:

   *                   IN CNAME

IV. Prepare Apache
Create a virtual host file for that name, e.g. /etc/httpd/conf/vhosts/, containing:

   ServerAlias *
   DocumentRoot /home/comid/communityid/webdir

   <Directory /home/comid/communityid>
      Options FollowSymLinks
      AllowOverride All
and restart Apache.

V. Prepare MySQL database
Create a MySQL database for OpenId, e.g.

   mysql -u root -p
   create database comid;
   grant all on comid.* to comid@localhost identified by 'newPassword';

VI. Finish Installation
Point a browser at  Fill in the database name, database password, the expected support email address, and an admin userid and password.  (The userid/pw is not an OpenId itself, just a way to administer the OpenId server.)

This automatically creates a file config.php in the communityid directory.  Edit this file (you may have to do it as root, since it is now owned by 'apache'), and change the definitions:

   $config['subdomain']['enabled']             = true;
   $config['subdomain']['hostname']            = '';
   $config['subdomain']['use_www']             = false;

Remove write permissions from this same file, e.g.

   cd /home/comid/communityid
   chmod 440 config.php

VII. Test
Point your browser at, and create an OpenId "account".  You should end up with your own personal URL (aka OpenId) of  You can use this OpenId at thousands of participating OpenId-enabled websites, such as... (to be filled in soon).

VIII. Using OpenId in a web application
(This text is still under development)

  1. yum install httpd-devel.i386
  2. yum install libtidy.i386
  3. yum install libtidy-devel.i386
        make install