httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "LeTortorec, Jean-Louis" <JLeTorto...@healthcore.com>
Subject RE: Apache, php, mod_ssl and Apache-SSL
Date Thu, 04 Apr 2002 14:33:43 GMT

This is the very first time I can get a comparison between the 2 products.

Thank you so much for your help. 
 


-----Original Message-----
From: Owen Boyle [mailto:obo@bourse.ch] 
Sent: Thursday, April 04, 2002 2:33 AM
To: users@httpd.apache.org
Subject: Re: Apache, php, mod_ssl and Apache-SSL


"LeTortorec, Jean-Louis" wrote:
> 
> Hello every body:
> 
> Do you know where I could find literature helping me choosing between 
> Apache-SSL and mod_ssl?
> 
> I know that one came from the other one, looks like they're both 
> good...

I'm sure no-one has written a comparative study, if that's what you're
looking for :-)

AFAIU, the original problem was that the apache API did not provide the
functionality to connect to the openssl library functions (which are
essential for SSL). Apache-SSL solved this by taking the apache source and
adding code to allow this connectivity. Thus, Apache-SSL is a monolithic,
SSL-aware version of apache. 

With mod_ssl, an extension to the apache API was written, then the SSL
functionality was placed in an external module which could be statically
linked or loaded at run-time.

As to which is better - that is very much a matter of opinion and guaranteed
to start a flame war...

I would make the following observations, however (disclaimer: I use
mod_ssl):

Binary: 

mod_ssl with a DSO apache allows you to run the server *without* SSL. This
might be useful if you run several instances of apache - some could be with
SSL, others without. Those without would obviously be much smaller in terms
of the binary memory footprint. This might appeal to those who strive for
parsimony. Apache-SSL or a statically compiled
apache+mod_ssl is always the same binary regardless of whether you use
SSL or not.

Ease of install:
 
I only installed Apache-SSL once but I remember it being a trifle
complicated. Personally, I find mod_ssl installation more streamlined.

Versions: 

The last time I looked, Apache-SSL was a few versions behind (currently
1.3.22 - obviously, since it depends on apache, there is a latency between a
new apache release and the corresponding Apache-SSL version). If you like to
keep your apache up-to-date, you might find yourself waiting a while with
Apache-SSL. 

mod_ssl is usually upgraded within a few days of an apache upgrade. Since I
like to wait about a week before upgrading (so others can burn-in the new
version ;-), I find never find this a problem.

Personally, I found the mod_ssl approache more flexible and the prompt
upgrading is a definite plus. I never ran Apache-SSL in production so I
can't comment on robustness or performance, but I've never had any problems
with mod_ssl.

You pays your money, you makes your choice!

Owen Boyle.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info. To
unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message