Chapter 7. SSL

Secure Socket Layers (SSL) is the standard way to implement secure web sites. By encrypting the traffic between the server and the client, which is what SSL does, that content is protected from a third party listening to the traffic going past.

The exact mechanism by which this encryption is accomplished is discussed extensively in the SSL specification, which you can read at http://wp.netscape.com/eng/ssl3/. For a more user-friendly discussion of SSL, we recommend looking through the mod_ssl manual, which you can find at http://www.modssl.org/docs/2.8/index.html. This document discusses not only the specific details of setting up mod_ssl, but also covers the general theory behind SSL it and has pictures illustrating the concepts.

In this chapter, we talk about some of the common things that you might want to do with your secure server, including how to install it.

7.1. Installing SSL

Problem

You want to install SSL on your Apache server.

Solution

The solutions to this problem fall into several categories, depending on how you installed Apache in the first place (or whether you are willing to rebuild Apache to get SSL).

If you installed a binary distribution of Apache, your best bet is to return to the place from which you acquired that binary distribution, and try to find the necessary files for adding SSL to it.

If you built Apache yourself from source, then the solution will depend on whether you are running Apache 1.3 or Apache 2.0.

In Apache 1.3, SSL is an add-on module, ...

Get Apache Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.