[lug] SSH
Brian R. Stamper
brianstamper at smartsbroadcast.com
Thu Feb 22 13:52:38 MST 2001
Both of the SSLPassPhraseDialog and the SSLRandomSeed are set to builtin and
there there in the httpd.conf. As for the virtualhost I'm not sure its set
up so I'll go through and give it a try the httpd.conf does have a sample
virtualhost that I can make my changes to. Thanks so much!!
Brian
----- Original Message -----
From: <rm at mamma.varadinet.de>
To: <lug at lug.boulder.co.us>
Sent: Thursday, February 22, 2001 2:16 PM
Subject: Re: [lug] SSH
On Thu, Feb 22, 2001 at 02:06:33PM -0600, Brian R. Stamper wrote:
> When we set up the server I used the mod_ssl when configuring apache. I
> looked at the httpd.conf thinking I would find it there after seeing some
of
> the changes that could be made in the manual at openssl.org. Unfortunatly
> we still don't know/understand how to check or make it work if its there?
> It seems to be there. The http://ipaddress says Hey, it worked! The
> SSL/TLS-aware Apache webserver was successfully installed on this site and
> has the two little gifs that say secured by mod_ssl and includes OpenSSL?
> So I would assume there there.
mod_ssl comes with a lot of bneccessary configuration parameters
that all start with 'SSL'. You need to set up some global options
like for example 'SSLPassPhraseDialog' (what program the server
should use to query for the passphrase during server startup) or
'SSLRandomSeed' etc. Once those are set you need to configure
a virtual server or a 'Location' to use SSL.
This could look like this:
<VirtualHost realysecure.money.com:443>
SSLEngine on
SSLCipherSuite RSA
SSLCertificateFile /etc/apache/ssl.crt/server.crt
SSLCertificateKeyFile /etc/apache/ssl.key/server.key
... more here ...
</VirtualHost>
this is only the most basic setup! I don't know about RedHat but
i guess the mod_ssl rpm should come with documentation (Debian
users will find it under /usr/share/doc/libapache-mod-ssl). The
documentation contains sample files for both the global settings
as well as the per server/location configuration options.
Ralf
_______________________________________________
Web Page: http://lug.boulder.co.us
Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
More information about the LUG
mailing list