You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Sam Newman <sa...@stamplets.com> on 2001/04/16 15:53:50 UTC

Apache-SSL or Mod-ssl

I was wondering which is the prefered choice for work with servlets? I am having untold trouble getting Apache-SSL to work (built it, can't view a page without a seg fault). Whilst not a tomcat specific issue Apache-SSL is the mentioned way to get SSL working with tomcat. I've just tried RedHats Stronghold product (try www.c2.net) which gave be an out of the box SSL working Apache server (uses mod_ssl) in under 10 minutes. Getting tomcat to work with it hasn't been a problem either - well, hardly a problem (see my other post). Before I try and get my boss to buy stronghold, are there any issues I should be aware of with using mod_sll as opposed to Apache-SSL?

sam

Re: Apache-SSL or Mod-ssl

Posted by Sam Newman <sa...@stamplets.com>.
Which is exactly what I did this afternoon :-) 3 days last week trying to
get apache-SSL working to no avail (core dump on every connection was the
net result!). Got apache running with mod_ssl in 15 minutes!

Oh well, what doesn't kill me, only makes me really anoyed at wasting 3
days....or summat....

sam
----- Original Message -----
From: Jeff Kilbride
To: tomcat-user@jakarta.apache.org
Sent: Monday, April 16, 2001 5:48 PM
Subject: Re: Apache-SSL or Mod-ssl


Actually, mod-ssl is the preferred way to add SSL to Apache these days.
Apache-SSL is an older solution. Most of the commercial ssl products (i.e.
Covalent Raven, Stronghold, etc...) are based on mod-ssl -- and they
actually support its development. If you've already gone through the pain of
setting up Apache-SSL, setting up mod-ssl should seem relatively simple.
Mod-ssl is extremely well documented on it's website (www.modssl.org). It
took me about 20 minutes to apply the EAPI patch to Apache and compile the
module.

If I were you, I'd look at implementing mod-ssl on your own before buying
Stronghold or any other commercial product.

Thanks,
--jeff

Re: Apache-SSL or Mod-ssl

Posted by Jeff Kilbride <je...@kilbride.com>.
Actually, mod-ssl is the preferred way to add SSL to Apache these days. Apache-SSL is an older solution. Most of the commercial ssl products (i.e. Covalent Raven, Stronghold, etc...) are based on mod-ssl -- and they actually support its development. If you've already gone through the pain of setting up Apache-SSL, setting up mod-ssl should seem relatively simple. Mod-ssl is extremely well documented on it's website (www.modssl.org). It took me about 20 minutes to apply the EAPI patch to Apache and compile the module.

If I were you, I'd look at implementing mod-ssl on your own before buying Stronghold or any other commercial product.

Thanks,
--jeff

  ----- Original Message ----- 
  From: Sam Newman 
  To: tomcat-user@jakarta.apache.org 
  Sent: Monday, April 16, 2001 6:53 AM
  Subject: Apache-SSL or Mod-ssl


  I was wondering which is the prefered choice for work with servlets? I am having untold trouble getting Apache-SSL to work (built it, can't view a page without a seg fault). Whilst not a tomcat specific issue Apache-SSL is the mentioned way to get SSL working with tomcat. I've just tried RedHats Stronghold product (try www.c2.net) which gave be an out of the box SSL working Apache server (uses mod_ssl) in under 10 minutes. Getting tomcat to work with it hasn't been a problem either - well, hardly a problem (see my other post). Before I try and get my boss to buy stronghold, are there any issues I should be aware of with using mod_sll as opposed to Apache-SSL?

  sam