> I have been used the [1]Apache/HTTP Server + [2]MOD_SSL +[3] OpenSSL
> + [4]TC + [5]JSSE combination. And I know [6]Apache-SSL is an alternative
> of MOD_SSL, but I have not heard about the opinions on the Apache-SSL yet.
>
> Is there any specific reason you have to use Apach-ssl than mod_ssl? By
> shamelessly coping the statement from your message,
>
Not really, but mod_ssl is sounding better, if necessary (see
below)?
> > We don't need access to a certificate authority. I just need SSL for
> data
> > encrytpion.
>
> Are you referring the"Data Encryption" over HTTP, e.g., HTTPS,? Or, are
> you intended to handle the data encryption programatically over SSL?
>
HTTPS
> Pae
>
>
> [1] http://www.apache.org/
> [2] http://www.modssl.org/
> [3] http://www.openssl.org/
> [4] http://jakarta.apache.org/tomcat/index.html
> [5] http://java.sun.com/products/jsse/
> [6] http://www.apache-ssl.org/
>
>
>
>
>
Disclaimer,
As I a previous e-mail, I'm not a Linux/Unix/Web admin.
I'm a developer w/ a good bit of unix/linux experience who was
asked to get SSL working on a current system.
A few people here have a bit of experience with Apache/Tomcat/SSL,
but, mostly as a user/developer not as an admin.
Anyways, I started installing open-ssl & apache-ssl (to be replaced
w/mod-ssl)
on Friday, when someone (a co-worker) told me that wasn't necessary
for our
needs since we have little to no static content to worry about and
therefore don't
even need Apache. I was also told then that Tomcat was also a
web-server, news to me.
Today...
I've disabled Apache (httpd stop) - no httpd processes running.
Review the changes to server.xml - basically just uncommenting
the SSL connector.
Re-started Tomcat (as a non-root user) using for 8443. (I'll try
to find out today why
this isn't running as root)
However https://myHost/~myUser (test page) fails with "The page
cannot be displayed"
as does http://myHost/~myUser, http://myHost:8443/~myUser and
https://myHost:8443/~myUser
Question:
If I disable apache what (if anything else) do I need to do to
Tomcat?
Any server.xml mods?
Update /etc/services? https is on port 443, change to 8443?
This can really drive ya nuts.
I think I'll go play in the snow for a while & cool off :)
ThankX again,
Ron
> >
> > I'm installing apache_ssl & open_ssl.
> >
> > open_ssl build & installed fine.
> >
> > apache-ssl-1.3.4-1.31-1 requires SSLeay ver 0.9.0b or better?
> >
> > I've searched around (rpmfind & google) and found several references
> > and versions.
> >
> > However, I also found a bunch of legal BS.
> >
> > 1) Are there any legal issues involved with using this in a commercial
> > environment?
> >
> > 2) Which flavor? of SSLeay do I need for Apache-ssl
> > perl-Net-SSLeay
> > perl-crypt-SSLeay
> >
> > We don't need access to a certificate authority. I just need SSL for
> data
> > encrytpion.
> > Server (or client) authentication is not needed (at least the customer
> > hasn't requested
> > it yet). I plan on using a 'self-signed' certificate.
> >
> > ThankX All
> >
> > Ron
> >
> > --
> > To unsubscribe: <mailto:[EMAIL PROTECTED]>
> > For additional commands: <mailto:[EMAIL PROTECTED]>
> > Troubles with the list: <mailto:[EMAIL PROTECTED]>
> >
>
>
> --
> To unsubscribe: <mailto:[EMAIL PROTECTED]>
> For additional commands: <mailto:[EMAIL PROTECTED]>
> Troubles with the list: <mailto:[EMAIL PROTECTED]>
--
To unsubscribe: <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>
