13.6. Secure Sockets Layer: How to Do It
The object of what follows is to make a version of Apache that handles the HTTPS (HTTP over SSL) protocol. Currently this is only available in Unix versions, and given the many concerns that exist over the security of Win32, there seems little point in trying to implement SSL in the Win32 version of Apache.
The first step is to get hold of the appropriate version of Apache; see Chapter 1, and the Apache-SSL home page at http://www.apache-ssl.org/ for current information. Download the source code, or copy it from the demonstration CD-ROM, and expand the files in some suitable directory. An src subdirectory will appear. So far, so good.
The next, and easiest step of all, is to decide whether you are in the United States and Canada or the rest of the world. Then follow these guidelines:
In the United States and Canada
-
You have two choices. You can get a commercial SSL-enabled web server, or you can do what the rest of the world does (see below), noting only that you need to get a license to use RSA's patents if you want to make money out of your SSL-enabled Apache (see www.rsa.com).
In the rest of the world
-
If your deliberations lead you to believe that you live in the rest of the world, proceed as described in the following sections.
13.6.1. Get SSLeay
The first thing to do is to get SSLeay. SSLeay is a a freely available library, written by the Australian Eric Young, which does pretty much everything cryptological that the ...
Get Apache: The Definitive Guide, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
