httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From coolcuzu <coolc...@gmail.com>
Subject Re: [users@httpd] Using Apache 2.0 with mod_ssl and custom engine on openssl
Date Tue, 11 Jun 2013 17:01:04 GMT
Thank you Daniel for your help.

I believe a bad part (or an important feature that does not exist) of 
mod_ssl is the lack of ability to pass any argument or parameter to the 
crypto device that you want to use. Do you know anything about passing a 
parameter (command in openssl engine terminology)? Otherwise, I may need 
to hardcode the parameters into the custom openssl engine, which isn't 
very nice though.

Erman

On 6/11/2013 11:06 AM, Daniel Ruggeri wrote:
> On 6/10/2013 4:56 PM, coolcuzu wrote:
>> Hi,
>>
>> My question may seem rather complex, but I believe someone can answer it.
>>
>> 1 - I've implemented a custom OpenSsl Engine, which works perfectly
>> fine in OpenSsl.
>> 2 - I want to create a sample web site that uses https with Apache.
>> After my search, I saw that Apache uses mod_ssl to support https.
>> Mod_ssl is based on openssl.
>>
>> That's where my question comes in:
>>
>> When mod_ssl uses openssl in the backend, I want it to use my custom
>> Openssl Engine implementation. Is it possible?
>>
>> I hope that i'm clear.
>>
>> Thanks,
>>
>> Erman
>>
> Hi, Erman;
>     Yes, you can in 2.0. In order to use an engine, though, you must
> compile httpd with -DSSL_EXPERIMENTAL_ENGINE. This will enable the
> SSLCryptoDevice directive which will be set to the name of your engine.
> This compile flag was dropped in 2.2 which made SSLCryptoDevice part of
> a 'normal' build.
>
> --
> Daniel Ruggeri
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message