Return-Path: X-Original-To: apmail-httpd-users-archive@www.apache.org Delivered-To: apmail-httpd-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id AFBC2E63B for ; Wed, 5 Dec 2012 21:54:54 +0000 (UTC) Received: (qmail 24961 invoked by uid 500); 5 Dec 2012 21:54:51 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 24943 invoked by uid 500); 5 Dec 2012 21:54:51 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 24935 invoked by uid 99); 5 Dec 2012 21:54:51 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 05 Dec 2012 21:54:51 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=5.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of alex_chen@filemaker.com designates 192.35.50.18 as permitted sender) Received: from [192.35.50.18] (HELO ns3.filemaker.com) (192.35.50.18) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 05 Dec 2012 21:54:42 +0000 Received: from imap.filemaker.com (imap.filemaker.com [17.184.4.237]) by ns3.filemaker.com (8.12.1-20030922/8.12.1) with ESMTP id qB5Lr68l027970 for ; Wed, 5 Dec 2012 13:53:06 -0800 (PST) Received: from [17.184.101.89] (unknown [17.184.101.89]) by imap.filemaker.com (Postfix) with ESMTP id AD82D11800004290215 for ; Wed, 5 Dec 2012 13:54:21 -0800 (PST) Message-ID: <50BFC28D.1070807@filemaker.com> Date: Wed, 05 Dec 2012 13:54:21 -0800 From: Alex Chen User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:16.0) Gecko/20121026 Thunderbird/16.0.2 MIME-Version: 1.0 To: users@httpd.apache.org References: <50BF8AA8.9050802@filemaker.com> <50BF91A9.4070405@indietorrent.org> In-Reply-To: <50BF91A9.4070405@indietorrent.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org Subject: Re: [users@httpd] httpd-ssl.conf and SSL directives I want to start and stop Apache via a program so it does not conflict with system Apache server, if any, and I want to remove private key after Apache starts for obvious reason. I know Apache starts itself and spawn child processes to serve the requests, so the child process should have all the configuration read by the parent process I think. But I am not sure if there are cases where Apache need to reload the configuration. (on SIGHUP,, SIGUSR1 or SIGUSR2 maybe?) On 12/5/2012 10:25 AM, Ben Johnson wrote: > > On 12/5/2012 12:55 PM, Alex Chen wrote: >> If I enable HTTPS by loading the mod_ssl.so, enabling httpd-ssl.conf, >> start Apache then remove SSL certificate, SSL private key, will that >> cause Apache to fail to acceptHTTPS requests? >> How if I remove the httpd-ssl.conf all together? >> In a nutshell, will Apache continue to work properly and accept HTTPS if >> all the configurations and directives for serving HTTPS are removed >> after Apache starts successfully, >> >> Alex >> > I'm pretty sure that Apache loads all of its configuration data > (including SSL/TLS certificate components) when the service is started. > So, yes, in theory, you could remove the certificate components after > Apache starts, and the server would continue to serve HTTPS requests > because the files are stored in memory. Of course, it would be simple > enough for you to test this yourself. > > That said, I remember reading somewhere that Apache attempts to reload > certain portions of that information in the normal course of operation. > Perhaps one of the developers will weigh-in. > > Why you would ever want to do something like that is another issue > altogether. Would you care to indulge the curious? > > -Ben > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org > For additional commands, e-mail: users-help@httpd.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org