You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by "MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)" <ma...@hp.com> on 2001/10/01 18:56:40 UTC
SSL configuration file
Hi,
Regarding the SSL configuration, I was wondering if it'd be better
to have a separate httpd-ssl.conf file, which contains all the SSL specific
information - OR is it better to go with the 1.3 model itself (SSL config in
the httpd.conf) ?.. I can send out a patch if required.
Thx
-Madhu
Re: SSL configuration file
Posted by Rodent of Unusual Size <Ke...@Golux.Com>.
Ryan Bloom wrote:
>
> The reality is that most people just use the default
> config, and modify it to fit their needs.
I think that actually the reality is that most people
get a massaged config as part of their OS distribution,
which probably bears only a nodding resemblance to our
file. The distribution builders have a long history of
mashing the tar out of our defaults. :-)
I'm with Ryan here -- I think it should be a separate
file.
--
#ken P-)}
Ken Coar, Sanagendamgagwedweinini http://Golux.Com/coar/
Author, developer, opinionist http://Apache-Server.Com/
"All right everyone! Step away from the glowing hamburger!"
Re: SSL configuration file
Posted by Ryan Bloom <rb...@covalent.net>.
On Monday 01 October 2001 01:33 pm, Justin Erenkrantz wrote:
> On Mon, Oct 01, 2001 at 01:32:38PM -0700, Ryan Bloom wrote:
> > I would prefer to keep the SSL config out of the default config file,
> > because we aren't going to be distributing binaries with SSL. At least,
> > I am assuming we won't, because there are countries that can't download
> > the SSL binaries legally, and we don't query the user's country at all.
>
> With proxy, the config is commented out, why not do the same thing
> for SSL? -- justin
Because the proxy config is incredibly small. The SSL config has historically
been huge. If the proxy config ever has an example of every config directive,
and a paragraph for each, then I would suggest splitting it out into it's own
config file.
The reality is that most people just use the default config, and modify it to
fit their needs. If we put the SSL config in there, we are just making it
harder for them to do that.
Ryan
______________________________________________________________
Ryan Bloom rbb@apache.org
Covalent Technologies rbb@covalent.net
--------------------------------------------------------------
Re: SSL configuration file
Posted by Justin Erenkrantz <je...@ebuilt.com>.
On Mon, Oct 01, 2001 at 01:32:38PM -0700, Ryan Bloom wrote:
> I would prefer to keep the SSL config out of the default config file, because
> we aren't going to be distributing binaries with SSL. At least, I am assuming
> we won't, because there are countries that can't download the SSL binaries
> legally, and we don't query the user's country at all.
With proxy, the config is commented out, why not do the same thing
for SSL? -- justin
Re: SSL configuration file
Posted by Ryan Bloom <rb...@covalent.net>.
On Monday 01 October 2001 01:27 pm, Justin Erenkrantz wrote:
> On Mon, Oct 01, 2001 at 12:56:40PM -0400, MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1) wrote:
> > Hi,
> > Regarding the SSL configuration, I was wondering if it'd be better
> > to have a separate httpd-ssl.conf file, which contains all the SSL
> > specific information - OR is it better to go with the 1.3 model itself
> > (SSL config in the httpd.conf) ?.. I can send out a patch if required.
>
> The site admin can always do:
>
> Include conf/httpd-ssl.conf
>
> if they wanted to split it out. No need to do anything else.
>
> IMHO, the example configs should be one file without includes.
> We can leave it up as an exercise to the reader to split it out.
I would prefer to keep the SSL config out of the default config file, because
we aren't going to be distributing binaries with SSL. At least, I am assuming
we won't, because there are countries that can't download the SSL binaries
legally, and we don't query the user's country at all.
Ryan
______________________________________________________________
Ryan Bloom rbb@apache.org
Covalent Technologies rbb@covalent.net
--------------------------------------------------------------
Re: SSL configuration file
Posted by Justin Erenkrantz <je...@ebuilt.com>.
On Mon, Oct 01, 2001 at 12:56:40PM -0400, MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1) wrote:
> Hi,
> Regarding the SSL configuration, I was wondering if it'd be better
> to have a separate httpd-ssl.conf file, which contains all the SSL specific
> information - OR is it better to go with the 1.3 model itself (SSL config in
> the httpd.conf) ?.. I can send out a patch if required.
The site admin can always do:
Include conf/httpd-ssl.conf
if they wanted to split it out. No need to do anything else.
IMHO, the example configs should be one file without includes.
We can leave it up as an exercise to the reader to split it out.
-- justin