Re: Apache-SSL or Mod-ssl

[Jeff Kilbride]

Actually, mod-ssl is the preferred way to add SSL to Apache these days. Apache-SSL is an older solution. Most of the commercial ssl products (i.e. Covalent Raven, Stronghold, etc...) are based on mod-ssl -- and they actually support its development. If you've already gone through the pain of setting up Apache-SSL, setting up mod-ssl should seem relatively simple. Mod-ssl is extremely well documented on it's website (www.modssl.org). It took me about 20 minutes to apply the EAPI patch to Apache and compile the module.   If I were you, I'd look at implementing mod-ssl on your own before buying Stronghold or any other commercial product.   Thanks, --jeff   ----- Original Message ----- From: Sam Newman To: [EMAIL PROTECTED] Sent: Monday, April 16, 2001 6:53 AM Subject: Apache-SSL or Mod-ssl I was wondering which is the prefered choice for work with servlets? I am having untold trouble getting Apache-SSL to work (built it, can't view a page without a seg fault). Whilst not a tomcat specific issue Apache-SSL is the mentioned way to get SSL working with tomcat. I've just tried RedHats Stronghold product (try www.c2.net) which gave be an out of the box SSL working Apache server (uses mod_ssl) in under 10 minutes. Getting tomcat to work with it hasn't been a problem either - well, hardly a problem (see my other post). Before I try and get my boss to buy stronghold, are there any issues I should be aware of with using mod_sll as opposed to Apache-SSL?   sam