On Fri, Nov 06, 1998, [EMAIL PROTECTED] wrote:
> Full_Name: Brad Cox
> Version: mod_ssl-2.0.13-1.3.3/
> OS: Linux/mod_perl
> Submission from: pwp001.dialup.gmu.edu (129.174.193.201)
>
> Please critique the following and if correct, add it as an httpd.conf "how to"
> section in your manual. It took mme longer than I'd like to admit getting this
> working. I'd like to save other newbies the time.
When it took you longer I guess you started from scratch with your old
configuration and not with the pre-configured httpd.conf file. Because when
you install Apache+mod_ssl via APACI you get an already pre-configured
httpd.conf file where all SSL directives are present and setup correctly.
This pre-configured SSL setup should be treated as the "HowTo section". But
perhaps I should add a notice to the INSTALL file that people should look at
it.
> Note the commented-out lines which I took from your ApacheCon presentation,
> looking for a model to follow. They don't work, presumably because they apply to
> a later version than I have (I thought I had the latest).
The mod_ssl presentation at ApacheCon showed new stuff present in the
forthcoming mod_ssl 2.1 version. You have the latest version of 2.0, only.
> Listen 80
> ServerName your.domain.org
> DocumentRoot /usr/local/htdocs
> ErrorLog /usr/local/apache/var/log/error_log
> TransferLog /usr/local/apache/var/log/access_log
> ServerAdmin your.email.address
> <IfDefine MOD_SSL>
> SSLDisable
> Listen 443
> <VirtualHost your.ip.address:443>
> ServerName your.domain.org
> SSLCacheServerPort /usr/local/apache/var/run/ssl_gcache_port
> SSLCacheServerPath /usr/local/apache/sbin/ssl_gcache
> SSLCACertificateFile /usr/local/apache/conf/ssl.csr/server.csr
> SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
> SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key
> SSLLogFile /usr/local/apache/var/log/ssl.log
> SSLRequireSSL
> SSLSessionCacheTimeout 15
> SSLVerifyDepth 10
> SSLEnable
> # SLVerifyClient none
> # SSLMutex file:/usr/local/apache/var/run/ssl.mutex
> # SSLSessionCache /usr/local/apache/var/run/ssl.scache
> # SSLEngine on
> </VirtualHost>
> </IfDefine>
The SSLMutex and SSLSessionCache in 2.1 are for the global context. But
beside this it's a good idea. I'll try to overtake your example in adjusted
form for the mod_ssl 2.1 documentation as a all-in-one example to give the
user an impression what is actually needed. Thanks for sharing your
experiences.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
