Post reply

The message has the following error or errors that must be corrected before continuing:
Warning: this topic has not been posted in for at least 120 days.
Unless you're sure you want to reply, please consider starting a new topic.

Note: this post will not display until it's been approved by a moderator.

Message icon:
Please leave this box empty:

Type the letters shown in the picture
Listen to the letters / Request another image

Type the letters shown in the picture:

shortcuts: alt+s submit/post or alt+p preview

Topic Summary

Posted by sukishan
 - Aug 23, 2009, 12:32 AM
Getting Started with SSL on Apache
There are a few key ingredients you will need to use with Apache to secure your Web server: OpenSSL, mod_ssl, and root access to the server.

OpenSSL is a command line toolkit for using secure sockets layer encryption on a server and can be acquired from This tool works with Apache module mod_ssl in carrying out SSL-related tasks. You will need root privileges to install OpenSSL to its traditional destination of /usr/local/ssl/install/openssl.

You must also ensure that mod_ssl is available on your server. There are other alternatives to mod_ssl; one is apache-ssl, from which the mod_ssl code was forked. However, mod_ssl's adoption has been dramatic -- nearly 20% of Apache servers were running it at the beginning of 2002.

To see which modules are active in Apache, issue the following command in a Terminal as root user on your server.

/usr/sbin/httpd -l

If you have a recent Linux distribution installed, it is likely Apache's modules are compiled as dynamic loadable modules, in which case you'll need to edit your httpd.conf file and check that the following line is uncommented.

LoadModule ssl_module modules/

Restarting Apache will load the module into action. In my case, having used an RPM-based install of Red Hat and Apache, this is achieved with the apachectl command, typically found in /usr/sbin/apachectl. You can restart Apache by typing the following:

/usr/sbin/apachectl restart

There are several helpful features of apachectl, including stop, start, restart, status and check config. See the man pages via man apachectl.

Note that in recent Apache distributions, the httpd.conf file contains an <IfDefine HAVE_SSL> section that is intended to contain the <VirtualHost> definitions for all your SSL Websites. By placing these definitions within the <IfDefine> section, you can ensure that the sites will not be made available unless SSL support is successfully loaded on the server. This prevents any problems arising in which SSL could expose your secure sites.
IT Acumens Web Designing Chennai | GinGly :: Build your Personal Website | CineBuzz :: Cinema News | My Kids Diary :: Gift your Kids Memories :: Book Website @ 349 Rs monthly
Copyright 2005 - 2021 :: IT Acumens :: All Rights Reserved. :: XML Sitemap
ITAcumens Discussion Forum with 2 lakhs post running for 15 years - Powered by IT Acumens Pro Dedicated Server

My Kids Diary