That's our preferred solution.
Note that mod_ssl still insists that a server certificate exists which is
used to generate temp RSA keys, so non-SSL users will need to install a
dummy certificate even when they're serving only HTTP requests. Not a big
deal, but something we need to consider.
The other issues we're considering are:
- performance impact when not serving HTTPS (if any, we haven't
yet measured it)
- impact on optional or user-written modules (which modules need
mod_ssl's EAPI and which don't)
-----Original Message-----
From: Kirk Benson [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 26, 2000 9:40 AM
To: [EMAIL PROTECTED]
Subject: RE: Pros/Cons for using Apache with mod_ssl for non-SSL
operation
Why not option a) and just comment out the SSL directives in httpd.conf?
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
