[lug] SSH

rm at mamma.varadinet.de rm at mamma.varadinet.de
Thu Feb 22 13:16:45 MST 2001


On Thu, Feb 22, 2001 at 02:06:33PM -0600, Brian R. Stamper wrote:
> When we set up the server I used the mod_ssl when configuring apache.  I
> looked at the httpd.conf thinking I would find it there after seeing some of
> the changes that could be made in the manual at openssl.org.  Unfortunatly
> we still don't know/understand how to check or make it work if its there?
> It seems to be there.  The http://ipaddress says Hey, it worked! The
> SSL/TLS-aware Apache webserver was successfully installed on this site and
> has the two little gifs that say secured by mod_ssl and includes OpenSSL?
> So I would assume there there.


mod_ssl comes with a lot of bneccessary configuration parameters
that all start with 'SSL'.  You need to set up some global options
like for example 'SSLPassPhraseDialog' (what program the server
should use to query for the passphrase during server startup) or
'SSLRandomSeed' etc. Once those are set you need to configure
a virtual server or a 'Location' to use SSL. 
This could look like this:

<VirtualHost realysecure.money.com:443>
  SSLEngine on
  SSLCipherSuite RSA

  SSLCertificateFile    /etc/apache/ssl.crt/server.crt
  SSLCertificateKeyFile /etc/apache/ssl.key/server.key
  
   ... more here ...
</VirtualHost>

this is only the most basic setup! I don't know about RedHat but
i guess the mod_ssl rpm should come with documentation (Debian
users will find it under /usr/share/doc/libapache-mod-ssl). The
documentation contains sample files for both the global settings
as well as the per server/location configuration options.

 Ralf



More information about the LUG mailing list