Thank you Daniel for your help.
I believe a bad part (or an important feature that does not exist) of
mod_ssl is the lack of ability to pass any argument or parameter to the
crypto device that you want to use. Do you know anything about passing a
parameter (command in openssl engine terminology)? Otherwise, I may need
to hardcode the parameters into the custom openssl engine, which isn't
very nice though.
Erman
On 6/11/2013 11:06 AM, Daniel Ruggeri wrote:
On 6/10/2013 4:56 PM, coolcuzu wrote:
Hi,
My question may seem rather complex, but I believe someone can answer it.
1 - I've implemented a custom OpenSsl Engine, which works perfectly
fine in OpenSsl.
2 - I want to create a sample web site that uses https with Apache.
After my search, I saw that Apache uses mod_ssl to support https.
Mod_ssl is based on openssl.
That's where my question comes in:
When mod_ssl uses openssl in the backend, I want it to use my custom
Openssl Engine implementation. Is it possible?
I hope that i'm clear.
Thanks,
Erman
Hi, Erman;
Yes, you can in 2.0. In order to use an engine, though, you must
compile httpd with -DSSL_EXPERIMENTAL_ENGINE. This will enable the
SSLCryptoDevice directive which will be set to the name of your engine.
This compile flag was dropped in 2.2 which made SSLCryptoDevice part of
a 'normal' build.
--
Daniel Ruggeri
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
