On Tue, Nov 27, 2001 at 09:24:36PM -0600, William A. Rowe, Jr. wrote: > this is a perception problem for end users [much like the "It Worked! > Apache is successfully installed." message] that should be avoided when > Apache 2.0's final SSL components are put in place.
Which is why we don't enable SSL by default and instead point them at the docs for mod_ssl. However, I believe this runs contrary to how httpd-2.0 will be packaged by third-parties - I think Henri mentioned that he is enabling mod_ssl by default in his RPM builds. I'm not sure if he is including a "Snake Oil" certificate or not. -- justin