David L. Zoll escribi�:
Hmm, I have one concern about this. If mod-ssl is compiled with 0.9.6, and OpenCA Perl scripts use 0.9.7, and they occupy the same process, you are likely to have a problem. If I recall correctly, this doesn't actually happen when using plain CGI, but mod-perl is on the feature list for the next release, and I believe mod-perl does load scripts up in the same process. I don't know for sure that there is a problem there, but it might be worth looking into.
Currently, the OpenCA web interface does no crypto operations on its own, everything is done by forking and exec'ing the openssl jumbo command, so it would not use the OpenSSL libraries linked with Apache, but those linked to the exact openssl command executed. However, this would not benefit fully from running on mod_perl, since best practice is not to fork the mod_perl-enabled httpd at all. Getting all the benefit from mod_perl would require calling the OpenSSL libraries directly. But in that case, the exact OpenSSL version would not matter that much, since most of the requirements for 0.9.7 are due to limitations in the command line interface of OpenSSL, not the libraries themselves. So I think it will be OK either way. Julio ------------------------------------------------------- This sf.net email is sponsored by: Influence the future of Java(TM) technology. Join the Java Community Process(SM) (JCP(SM)) program now. http://ads.sourceforge.net/cgi-bin/redirect.pl?sunm0004en _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
