mod_ssl
mod_ssl provides provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1). It is based on the SSL/TLS toolkit OpenSSL and supports all SSL/TLS related functionality, including RSA and DSA/DH cipher support, X.509 CRL checking, etc. Additionally it provides special Apache related facilities like DBM and shared memory based inter-process SSL session caching. per-URL SSL session renegotiations, DSO support, etc.
| Tags | Internet Web HTTP Servers |
|---|---|
| Licenses | BSD Original |
Recent releases
- 13 Sep 2007 01:11
Changes: This release is for Apache 1.3.39.
- 18 Jul 2006 02:51
Changes: This release is for Apache 1.3.36.
- 08 May 2006 01:34
Changes: This version was adjusted for Apache 1.3.35. Some small fixes were made.
- 02 Sep 2005 14:46
Changes: A security issue (CAN-2005-2700) has been fixed where "SSLVerifyClient require" was not enforced in per-location context if "SSLVerifyClient optional" was configured in the global virtual host configuration.
- 06 Jul 2005 07:10
Changes: This version was ported to the OpenSSL 0.9.8 API. Connection timeout handling was fixed. The ca-bundle.crt file from Mozilla's "certdata.txt" was updated. Timeout handling in POST request processing was fixed. A double-definition of OPENSSL_free under OpenSSL 0.9.6 was fixed.
- All comments
Recent commentsI fully agree with you...
> Unfortunately I don't share Matt's easy
> experience. I've found that installing
> mod_ssl to be a royal pain in the ass.
> You would think that after all this
> time, someone would make it easy to get
> apache up and running with SSL.
Installing mod_ssl on Apache is a real pain and I share the pangs of the installation. God,,, for the last one week I am trying to do it without any success. It seems many people are having similar problem (as seen in Usenet) , but not many from Apache or modssl are willing to solve the problems.
Isn't there an easy way to do it?
Subhasis
Mod_ssl is great!
I spent *way* too long trying to setup apache+ssl, with its poor docs. I downloaded mod_ssl and was up and running in about 20 minutes. Excellent documentation as well as great code. Did I mention the documentation was excellent? It even looks nice with its cascading style sheets!
Grab it if you want an SSL enabled apache....
There is help for the weak of heart
apachetoolbox.com
mod_ssl is great!
I remember looking for a way to give SSL support to Apache about a year ago. I came upon Apache-SSL (http://www.apache-ssl.org/) and SSLeay (http://www.psy.uq.oz.au/~ftp/Crypto/) and decided to try those. Well after some frustration, I got the web server up and running with SSL support but not without several hiccups in the setup process. Then I heard about mod_ssl (http://www.modssl.org/) and OpenSSL (http://www.openssl.org/) and downloaded both. Wow! What a difference. Ralf S. Engelschall's (http://www.engelschall.com/) great documentation made the entire setup process easy. Rather than spend hours setting up and configuring Apache to work with the SSL patches of Apache-SSL, I spent far less time setting up mod_ssl. I would recommend that everyone who wants to add SSL support to Apache use the combination of mod_ssl and OpenSSL!
I don't feel that way
Unfortunately I don't share Matt's easy experience. I've found that installing mod_ssl to be a royal pain in the ass. You would think that after all this time, someone would make it easy to get apache up and running with SSL.