On Wed, 8 Dec 1999, Kenneth Mutka wrote:
> ... run mod_ssl without having Certificates? I just want the crypto from the
> package, nothing else.
> Is that possible?
> If not, what should I choose instead?
You can infact, but you'll have to recompile OpenSSL with Anonymous DH
(diffie-helman) enabled. (./Configure <otheroptions> -DSSL_ALLOW_ADH
iirc).
Once you did that you probably will have to recompile mod_ssl too.
Furthermore you'll need to put ADH ciphers in your ciphersuite
(SSLCiphersuite +ADH iirc).
Configured this way the server won't need to have a certificate.
Although this type of SSL connection might be effective against (passive)
``sniffing'', they're not at all secure against
``man-in-the-middle''-attacks.
Regards,
Simon Weijgers
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
