** Reply to note from Owen Boyle <[EMAIL PROTECTED]> Fri, 23 Feb 2001 14:34:44 +0100 Be aware that mod_ssl patches Apache. Unless the existing Apache was compiled with SSL support it will have to be recompiled. Follow the instructions on the mod_ssl INSTALL file. It needs a recompile even if you are changing mod_ssl versions. You don't have to kill your existing Apache daemon until the compile process is complete, so downtime can be minimized. Also, for testing you can place your Apache daemon in an unusual place, and create a httpd.conf that references your existing sites. (Also in an unusual place.) Then you can kill the existing server and start your new SSL enabled apache with: /path/to/unusual/place/httpd -DSSL -f /path/to/unusual/httpd.conf for testing. If things don't work just kill it and restart the old one. Once you are sure it works, then you can move the new apache and config files to the normal locations and run them from there. Be sure to replace/update your rc.d or apachectrl files as mod_ssl will need different startup parameters. Be sure you have valid key an dcertificate files in place anywhere they are needed. Missing or invalid key and certificate files will prevent Apache from starting. > > Dennis Montanje wrote: > > Does anyone know how to load mod_ssl runtime into Apache. Does it has to be > > compiled into Apache? Or does anyone has an other idea how to enable > > mod_ssl without shutting down Apache? > > mod_ssl is an apache module. It can be loaded into the apache core as > a dynamically shared object (DSO) or it can be compiled into the httpd > binary. In either case, you have to restart apache afterwards. There > are a dozen reasons why: > > - to load a DSO you need mod_so already compiled in. Is it? - you need > an SSL virtual host for the mod_ssl to serve - mod_ssl needs to read > the certificate files - you need to open the ssl logfile - can't be > bothered thinking of any more.... > > All these things require a restart. It should only take a minute to > restart (if everything works). Keep backups of the working httpd > binary and httpd.conf and roll-back to them if you have a problem. > > Rgds, > > Owen Boyle. > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support > Mailing List [EMAIL PROTECTED] Automated List Manager > [EMAIL PROTECTED] > Rick Widmer Internet Marketing Specialists http://www.developersdesk.com ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
