You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Nigel Peck - MIS Web Design <ni...@miswebdesign.com> on 2003/05/20 16:49:23 UTC
[users@httpd] New to SSL
I'm running Apache 1.3.27 on Redhat 7.3. It's a live and busy web server so
it can't go down (not for long anyway). I need to add SSL and I need to get
it right first time.
I'm new to SSL, I've got hold of OpenSSL, read through some of the Mod_SSL
and Apache-SSL documentation and looking for recommendations and advice, can
anyone point me to a good resource?
Is it possible to install a second copy of Apache to do the SSL stuff and
therefore leave my working HTTP server alone? Is this a good idea?
Thanks
Nigel
MIS Web Design
http://www.miswebdesign.com/
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] New to SSL
Posted by Dan Carl <da...@bspmail.com>.
I was recently in the same predicament.
Instead of missing around with recompiling apache, I chose to upgrade to
Apache2 and install ssl support.
1.grab Apache2 source from a mirror
2. unpack it where ever you desire.
3. read INSTALL file for instructions
4. build apache with:
./configure --prefix=/usr/local/apache2 --enable-ssl --enable-module=so
5.when configure completes, run make.
6.when make completes, run make install.
7.You should now have an Apache2 instance in /usr/local/apache2
8 Edit the http.conf ( I just copied my virtual hosts from my apache 1.3.27
conf)
9. Edit the ssl.conf comment out the <IfDefine> and </IfDefine> lines
and setup a secure virtualhost. ( don't forget to update DNS)
10. grab openssl an install it.
11. generate a server.key and server.crt and copy them to
/usr/local/apache2/conf/ssl.key/ and
usr/local/apache2/conf/ssl.crt/ respectively.
12. test your configuration /usr/local/apache2/bin/apachectl -t
It should return Syntax OK
13. check your virtual host setup /usr/local/apache2/bin/apachectl -S
Now it's time to find out if it worked.
Stop your currently running apache 1.3.27
/etc/init.d/httpd stop
Start your new instance of Apache2
/usr/local/apache2/bin/
Apache2 should start serving your current webpages without any interruptions
to browsers.
Now you can always go back to Apache 1.3 if you want.
I am no Guru, use this howto at your own risk but it worked for me :-)
Here's a couple sites that helped me
http://www.raibledesigns.com/tomcat/ssl-howto.html
http://httpd.apache.org/docs-2.0/ssl/
----- Original Message -----
Subject: [users@httpd] New to SSL
> I'm running Apache 1.3.27 on Redhat 7.3. It's a live and busy web server
so
> it can't go down (not for long anyway). I need to add SSL and I need to
get
> it right first time.
>
> I'm new to SSL, I've got hold of OpenSSL, read through some of the Mod_SSL
> and Apache-SSL documentation and looking for recommendations and advice,
can
> anyone point me to a good resource?
>
> Is it possible to install a second copy of Apache to do the SSL stuff and
> therefore leave my working HTTP server alone? Is this a good idea?
I pretty sure you could setup Apache2 on a different port and run both
Apache versions.
I have not tried this though.
>
> Thanks
> Nigel
>
> MIS Web Design
> http://www.miswebdesign.com/
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org