On Mon, Mar 22, 1999, [EMAIL PROTECTED] wrote:
> Full_Name: Sean Proske
> Version: 2.2.5
> OS: FreeBSD
> Submission from: d190-qe101h1-abfd-pdi.attcanada.net (142.194.53.190)
>
> I installed apache1.3.4+mod_ssl2.2.5, the intention was to install openssl, but
> it looks like it installed ssleay instead...
> named. openssl doesn't appear to exist anywhere on the system but when I type
> the command
>
> # ssleay version
>
> it tells me it's OpenSSL 0.9.1c 23-Dec-1998
>
> I mention this because it is a US installation, and I understand that openssl is
> ok, but ssleay is not. Furthermore, the documentation says to type openssl at
> the command line when running any type of operation supported by that package,
> but of course openssl doesn't exist and ssleay has to be substituted for it to
> work.
>
> What exactly did I install? Is it openssl or ssleay? Is this a problem at your
> end, or is it with FreeBSD? (I installed it from the FreeBSD ports collection by
> cd'ing into the /usr/ports/www/apache13-modssl directory and running make.
>
> Whoever is responsible for how it is installed, whether it's the FreeBSD
> developers or your team it does need to be fixed, otherwise there may be a lot
> of people in North America who at worst will not know if they're infringing upon
> patents and leaving themselves open to potential liability and at best, will be
> confused by much of the documentation.
>
> On another note, I would suggest that you implement a feature that will preserve
> existing configuration files if apache+modssl is installed over an existing
> apache installation. It would be even better if it would make a backup and
> create a new httpd.conf file with all the additional directives necessary for
> ssl support, i.e. keep all the old settings, virtual servers, etc. When I
> installed the port, it overwrote my existing httpd.conf (luckily I had enough
> sense to keep a backup readily available) if it is not practical or even
> possible to implement such a feature, I would suggest at the very least that you
> make a note in a prominent place in the documentation that will alert people of
> the fact that their httpd.conf file will be overwritten when they install and
> that they should ensure that they have a backup on hand. It should't be too
> tough to put a few lines of code in the Makefile that will check for an existing
> httpd.conf in the destination directory and mv it to httpd.conf.backup though
A few points:
1. First, you're installing the FreeBSD port and this always is a special case,
because the FreeBSD port has special requirements from the FreeBSD area, of
course. The apache13-mod-ssl port doesn't contain OpenSSL, it just has a
reference to the openssl port. And this still installs OpenSSL 0.9.1c.
That's correct, it's binary is called "ssleay". That will change when
someone has updated the openssl port to OpenSSL 0.9.2b. Then the binary
name will be openssl.
2. You're totally misinformed when you think OpenSSL is ok to use in the USA
while SSLeay wasn't. Totally incorrect. Anything which applied to SSLeay
also applies to OpenSSL. Both copyrights on the code and the
use-restrictions because of contained algorithms and patents on it.
3. That your httpd.conf files was killed is a side-effectof the
FreeBSD port. Ports usually remove all installed things! When you are
installing Apache+mod_ssl+OpenSSL on your own, this doesn't happen, of
course. Then Apache correctly preserves installed config files, of course.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
