Re: Is it possible to not force SSL on port:443?

Sat, 15 Oct 2005 03:42:24 -0700 

Also, here is my ssl.conf:
---------------------------------
LoadModule ssl_module modules/mod_ssl.so

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl

SSLPassPhraseDialog  builtin

SSLSessionCache         shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout  300

SSLMutex default

SSLCryptoDevice builtin

SSLProtocol +All
SSLCipherSuite HIGH:MEDIUM:+SHA1:+NULL:+aNULL:+eNULL

SSLRandomSeed startup file:/dev/urandom 1024
SSLRandomSeed connect file:/dev/urandom 1024

SSLProxyEngine off
-----------------------------------

Then I setup my vhost like:

<VirtualHost myIP:443>
   DocumentRoot /var/www/websitename/
   ServerName websitename
   ErrorLog /var/log/httpd/websitename-ssl-error.log
   CustomLog /var/log/httpd/websitename-ssl-access.log common
   sslengine on
   sslcertificatefile /etc/httpd/ssl/websitename/websitename.crt
   sslcertificatekeyfile /etc/httpd/ssl/websitename/websitename.key
</VirtualHost>
Right now I am using sslengine off and doing none encryption over 443, but I really need to make encryption optional on the same port. 

Any ideas?
----- Original Message ----- From: "Cliff Woolley" <[EMAIL PROTECTED]> 
To: <modssl-users@modssl.org>
Sent: Friday, October 14, 2005 7:36 AM
Subject: Re: Is it possible to not force SSL on port:443?


On 10/14/05, Pigeon <[EMAIL PROTECTED]> wrote:
I am helping someone develop a product, and for the next little bit he will 
need to access port 443 with out the communication being encrypted (aka he
could telnet to it if he wanted).

But in the very near future, he will want to make 443 encrypted..

Is it possible to not force encryption on port443?


Sure... you just tell Apache to listen on that port and don't turn the
SSLEngine on.  :)

Or are you asking how to make it *optional*?  You can do that too --
as long as "SSLRequireSSL" isn't set, it should work.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      modssl-users@modssl.org
Automated List Manager                            [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      modssl-users@modssl.org
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to