httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From coolcuzu <coolc...@gmail.com>
Subject Re: [users@httpd] Using Apache 2.0 with mod_ssl and custom engine on openssl
Date Wed, 12 Jun 2013 21:01:44 GMT
Thank you Daniel. I've found a patch that enables passing arguments to 
the dynamic engine.  I'll go with it.

I appreciate your help.

Erman

On 6/12/2013 3:53 PM, Daniel Ruggeri wrote:
> Erman;
>     You are correct - there are no ways to pass arguments via the
> configuration file. You could use environment entries to avoid hard
> coding things in your engine, though.
>
> --
> Daniel Ruggeri
>
> On 6/11/2013 12:01 PM, coolcuzu wrote:
>> Thank you Daniel for your help.
>>
>> I believe a bad part (or an important feature that does not exist) of
>> mod_ssl is the lack of ability to pass any argument or parameter to
>> the crypto device that you want to use. Do you know anything about
>> passing a parameter (command in openssl engine terminology)?
>> Otherwise, I may need to hardcode the parameters into the custom
>> openssl engine, which isn't very nice though.
>>
>> Erman
>>
>> On 6/11/2013 11:06 AM, Daniel Ruggeri wrote:
>>> On 6/10/2013 4:56 PM, coolcuzu wrote:
>>>> Hi,
>>>>
>>>> My question may seem rather complex, but I believe someone can
>>>> answer it.
>>>>
>>>> 1 - I've implemented a custom OpenSsl Engine, which works perfectly
>>>> fine in OpenSsl.
>>>> 2 - I want to create a sample web site that uses https with Apache.
>>>> After my search, I saw that Apache uses mod_ssl to support https.
>>>> Mod_ssl is based on openssl.
>>>>
>>>> That's where my question comes in:
>>>>
>>>> When mod_ssl uses openssl in the backend, I want it to use my custom
>>>> Openssl Engine implementation. Is it possible?
>>>>
>>>> I hope that i'm clear.
>>>>
>>>> Thanks,
>>>>
>>>> Erman
>>>>
>>> Hi, Erman;
>>>      Yes, you can in 2.0. In order to use an engine, though, you must
>>> compile httpd with -DSSL_EXPERIMENTAL_ENGINE. This will enable the
>>> SSLCryptoDevice directive which will be set to the name of your engine.
>>> This compile flag was dropped in 2.2 which made SSLCryptoDevice part of
>>> a 'normal' build.
>>>
>>> -- 
>>> Daniel Ruggeri
>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message