You definitely don't want to leave the impression with a user that configuring a secure server is 'easy'. It's not. The most simplistic and common case is probably insecure.
Bill > On Mon, Oct 01, 2001 at 09:06:09PM -0400, MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1) wrote: > > Oh !!.. that's right :-).. I had the DocumentRoot setup with full path in > > the v-host configuration, and hence the confusion.. I thought the ServerRoot > > *is* required in setting it up.. > > But does it really matter if we have the @@ServerRoot@@ variable in the ssl > > configuration file ?.. It should be really simple to 'sed' it to the prefix > > that's configured by the user - right ?.. > > I'm obviously missing something here... Shouldn't the most simplisitic > config syntax for mod_ssl simply be: > > <IfModule mod_ssl.c> > <VirtualHost _default_:443> > DocumentRoot htdocs > SSLEngine on > SSLCertificateFile /path/to/my/certificate/file > </VirtualHost> > </IfModule> > > I'm just not really seeing why we need this config to be separated out > into another file. We don't need to have an example that shows > everything - just the most simplistic and common case. Anything else > should be RTFM. -- justin >
