Apache mod_ssl and FIPS 140-2
Does anyone know if the Apache v2.2.x implementation of OpenSSL mod_ssl is FIPS 140-2 validated? What version of OpenSSL is distributed with the current version of Apache? Any help is much appreciated... Thanks, David Gerendas, CISSP McAfee, Inc. 949-297-5600 Main 949-860-3369 Direct 949-289-8677 Mobile [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]
Re: Apache mod_ssl and FIPS 140-2
http://csrc.nist.gov/cryptval/140-1/1401val2007.htm#733 Best~ -d [EMAIL PROTECTED] wrote: Does anyone know if the Apache v2.2.x implementation of OpenSSL mod_ssl is FIPS 140-2 validated? What version of OpenSSL is distributed with the current version of Apache? Any help is much appreciated… Thanks, *David Gerendas, **CISSP* McAfee, Inc. 949-297-5600 Main 949-860-3369 Direct 949-289-8677 Mobile [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]
Apache with mod_ssl
We have apache 2.2.4 compiled with all modules but commented out all load modules. Do not have anything in httpd.conf file to state that this is https. But when I start apache, it tries to goto https and prompts for pass phrase. How does apache determine that this is https whereas this is actually a http server. After I enter a passphrase, it shows successful but the server never starts up. Can someone please help? Also can apache support both http and https at different ports at the same time? Thanks much for your help. SS [EMAIL PROTECTED] bin]# ./apachectl start Apache/2.2.4 mod_ssl/2.2.4 (Pass Phrase Dialog) Some of your private key files are encrypted for security reasons. In order to read them you have to provide the pass phrases. Server 10.3.110.109:443 (RSA) Enter pass phrase: OK: Pass Phrase Dialog successful. Httpd.conf # Secure (SSL/TLS) connections #Include conf/extra/httpd-ssl.conf # # Note: The following must must be present to support # starting without SSL on platforms with no /dev/random equivalent # but a statically compiled-in mod_ssl. # IfModule ssl_module SSLRandomSeed startup builtin SSLRandomSeed connect builtin /IfModule
Re: Apache with mod_ssl
Saikat Saha wrote: We have apache 2.2.4 compiled with all modules but commented out all load modules. Do not have anything in httpd.conf file to state that this is https. But when I start apache, it tries to goto https and prompts for pass phrase. How does apache determine that this is https whereas this is actually a http server. Perhaps mod_ssl is a compiled-in module. Run 'httpd -l' to check this. After I enter a passphrase, it shows successful but the server never starts up. Can someone please help? The reason probably can be found in Apache's error_log file. Also can apache support both http and https at different ports at the same time? Yes. The defaults are port 80 for http and port 443 for https. -- Omar W. Hannet http://www.allez-oop.net/ __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]
RE: Apache with mod_ssl
Apache was compiled as below ./configure --with-ldap --enable-mods-shared=all ssl ldap cache proxy authn_alias mem_cache file_cache authnz_ldap charset_lite dav_lock disk_cache --prefix=/opt/apache-2.2.4 Httpd -l gives below [EMAIL PROTECTED] bin]# httpd -l Compiled in modules: core.c prefork.c http_core.c mod_so.c How do I compile so that it does not load mod_ssl automatically and loads only if httpd.conf is configured. Surprisingly there are no error logs even at debug level. Thank you so very much for the kind help. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Omar W. Hannet Sent: Friday, June 15, 2007 4:13 PM To: modssl-users@modssl.org Subject: Re: Apache with mod_ssl Saikat Saha wrote: We have apache 2.2.4 compiled with all modules but commented out all load modules. Do not have anything in httpd.conf file to state that this is https. But when I start apache, it tries to goto https and prompts for pass phrase. How does apache determine that this is https whereas this is actually a http server. Perhaps mod_ssl is a compiled-in module. Run 'httpd -l' to check this. After I enter a passphrase, it shows successful but the server never starts up. Can someone please help? The reason probably can be found in Apache's error_log file. Also can apache support both http and https at different ports at the same time? Yes. The defaults are port 80 for http and port 443 for https. -- Omar W. Hannet http://www.allez-oop.net/ __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]