On 30/09/2023 22:28, General Email wrote:
On Sat, 30 Sep, 2023, 5:34 pm Will Fatherley, <wefather...@gmail.com>
wrote:
Please support/enable https by default in the Apache web server.
HTTPS is supported already by default. I like the idea of enabling by
default, but as it stands now probably should not be done as the
generation of keying material is required; the certification of keying
material, while capable of being automated, may become overburdened or
more easily abused; and other such complications related to
authentication.
In XAMPP (https://www.apachefriends.org/download.html) https can be
enabled easily (change of only couple of lines is required).
XAMPP has apache http web server.
It looks like they have a default SSL certificate in their distribution.
Fitefox and other browsers complain something like "the certificate is
not trusted" but they also give an option of taking the risk and going
ahead. When you go ahead, you can access your site using https.
This is good when a developer is developing a website on his local
computer.
Later, when going for hosting the website, the hosting providers do
everything for you for supporting https.
So, if whatever XAMPP has done in their distribution of apache http
server, if the same can be done in official apache http server then this
will be of great help during website development and testing.
Regards,
GE
Please re-read Stefan's reply.
It is not up to the project to dictate to administrators, there are
examples that are easy implementable, use them. The project is not to
know where you want your docroot, if you want CGI or what directories
require special permissions or options are they, configuring your host
to how you want it is your job.
How hard is it really to uncomment one hash sign and edit a file to set
correct DocumentRoot and hostnames and where the keys are... (thats
rhetorical by the way not actually a question)
And as for those "webhosts" doing it automatically, all we do is use a
vhost template that we created and is used when adding each host,
customised by perl or php or whatever prog language the webhost uses in
their backend.
