Guy Smith wrote:
> Ack! I guess I am confused. So let me get this straight. I have a choice
> of:
>
> A) Apache+mod_ssl . . . or
> B) Apache-SSL
Correct - and both require Openssl. My personal preference (and the
subject of this mailing list...) is mod_ssl. But I make no judgement and
it's up to you to compare and contrast and decide which to use.
>
> What then, pray tell, is OpenSSL? My understanding (likely wrong) was that
> OpenSSL was an alternative to mod_ssl, and should be compiled in with the
> standard Apache distribution (which is what I did). This produced an httpsd
> binary, along with the associated httpsdctl script, which is what I am
> starting the server with.
OpenSSL is a set of third-party routines which provides the SSL
functionality (certificate generation, signing, encryption etc.).
Essentially, it is an SSL tool-kit.
If you go the mod_ssl way, it breaks down like this:
1) Apache is the web-server which handles plain HTTP. SSL traffic is
passed to:
2) mod_ssl, which is an apache module that takes SSL traffic from the
core apache server and processes it using:
3) openssl, which is a set of tools for encrypting and decrypting data
(among other things).
So there are three components to a functioning Apache-mod_ssl server.
If you choose Apache-SSL, the SSL functionality is built into apache.
You still need OpenSSL to get all the encryption algorithms and stuff.
In this case you have only two components. This is closer to what you
did...
Have a good look at the relevant web-sites, posted previously.
Rgds,
Owen Boyle.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
