httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nigel Peck - MIS Web Design" <>
Subject RE: [users@httpd] New to SSL
Date Tue, 20 May 2003 15:52:44 GMT
> >I'm running Apache 1.3.27 on Redhat 7.3. It's a live and busy
> >web server so
> >it can't go down (not for long anyway). I need to add SSL and
> >I need to get it right first time.
> Oh dear...

:) yep.

> ....
> You also need certificates. You can generate self-signed certs to get
> the thing working but if you want to do real e-business on the web, you
> need certs signed by a professional certificate authority. These cost
> Real Money and are a bit laborious in terms of bureaucracy.

A minor point that I'd overlooked until just now :). I need to support SSL
on a number of (customer) domains:

What's the best way to achieve this?
Do they all need their own certificate?
What's the best authority to use?
How come is so much cheaper than thawte and

(Sorry for so many questions)

> On the plus side, both approaches are well-documented on the websites
> and in the INSTALL files which come with the distros. If you kept your
> notes from the last time you installed/upgraded apache, you should have
> no trouble folding in mod_ssl (you did keep your notes, didn't you?). It
> also helps if your apache has as few bells and whistles as possible - if
> you have PHP, MySQL and FrontPage to contend with at the same time,
> things will get interesting.

Unfortunately apache was installed by the company that provided the server
(I've done it before just not this one) Any issues with just grabbing a tar
of the same version and using that to build from?

Erm, yer, my notes.......what are notes again?

> I'd set aside a quiet week or so to get things running...

That would be in the same place as the notes :)

> >Is it possible to install a second copy of Apache to do the
> >SSL stuff and
> >therefore leave my working HTTP server alone? Is this a good idea?
> This is an interesting idea - you mean run a 2nd instance of apache
> which just listens on port 443? This would certainly work. You'd have to
> stop and start two apaches instead of one but otherwise, I can't see any
> problems with it.

I think that's what I'll do then, no need to worry about breaking anyone's
hosting and having to hand out refunds!

How do I stop the second instance from listening on 80?

Am I right in saying that if an Apache server has SSL installed then
"./httpd -V" would show up HAVE_SSL? (It doesn't)

Thanks for the response,

MIS Web Design

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message