httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Stoddard" <b...@wstoddard.com>
Subject Re: SSL configuration file
Date Tue, 02 Oct 2001 13:08:35 GMT
You definitely don't want to leave the impression with a user that configuring a secure
server is 'easy'. It's not. The most simplistic and common case is probably insecure.

Bill

> On Mon, Oct 01, 2001 at 09:06:09PM -0400, MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)
wrote:
> > Oh !!.. that's right :-).. I had the DocumentRoot setup with full path in
> > the v-host configuration, and hence the confusion.. I thought the ServerRoot
> > *is* required in setting it up..
> > But does it really matter if we have the @@ServerRoot@@ variable in the ssl
> > configuration file ?.. It should be really simple to 'sed' it to the prefix
> > that's configured by the user - right ?..
>
> I'm obviously missing something here...  Shouldn't the most simplisitic
> config syntax for mod_ssl simply be:
>
> <IfModule mod_ssl.c>
>   <VirtualHost _default_:443>
>     DocumentRoot htdocs
>     SSLEngine on
>     SSLCertificateFile /path/to/my/certificate/file
>   </VirtualHost>
> </IfModule>
>
> I'm just not really seeing why we need this config to be separated out
> into another file.  We don't need to have an example that shows
> everything - just the most simplistic and common case.  Anything else
> should be RTFM.  -- justin
>


Mime
View raw message