Mod_ssl patch for Apache server v2.0.49

e_jeffhang · February 16, 2006, 10:04pm

Hi there,

Please help, anyone know where to download latest Mod_SSL patch for Apache server v2.0.49 . Have tried www.apache.org but there is not latest patch available.

cbkihong · February 17, 2006, 12:09am

Isn't mod_ssl bundled with Apache 2.x already?

What do you mean by the mod_ssl patch?

e_jeffhang · February 17, 2006, 12:41am

I am not sure mod_ssl is bunlded with Apache 2.x or not. Actually the mod_ssl patch meant that the correspondent ID of mod_ssl (v2.x.x) for Apache v2.0.49.

For example www.modssl.org, the latest version is mod_ssl 2.8.25 for Apache 1.3.34.

TQ:)

cbkihong · February 17, 2006, 1:12am

Apache 2.x distribution (source distribution, at least) already contains mod_ssl. You don't need to install any external packages to enable any SSL functionality. There is an --enable-ssl configure switch for that.

e_jeffhang · February 17, 2006, 2:22am

But how do we ensure that the proper mod_ssl already contains in Apache v2.X? In fact I have found the statement from my application installation document its said that "mod_ssl must be compiled and the server certificates
must be created."
Where can I configure the "enable-ssl"? It is in <server_root>/apache/conf/httpd.conf??

cbkihong · February 17, 2006, 3:52am

--enable-ssl is a ./configure switch, not an Apache configuration directive.

You get the Apache 2.x sources you need to run ./configure, right? Just append the "--enable-ssl" switch at the end, together with other options you require. If you have the prerequisites met (e.g. Openssl installed) it will be installed.

It also generates some needed Apache SSL configuration for you in the config files but you should review them before actual use. You need to separately generate certificates and keys but if you had experience with Apache 1.3 + mod_ssl the procedures is largely the same. You should look at the Apache documentation for details.

e_jeffhang · February 17, 2006, 5:43am

The ./configure switch it is /opt/hpws/apache/conf/ssl.conf file you meant??Can u explain in step by step, because i`m still dummy in apache web server setup if you dont mind........TQ

cbkihong · February 17, 2006, 8:39am

No.

As I don't use AIX so I don't know if they ship the sources with the OS, or whether SSL module is provided through some special packages or means. But for the general case, Apache needs to be compiled with SSL support if you need HTTPS. You can try to look at the Apache modules directory and check whether any shared library file named 'ssl.so' or similar exists. If the SSL module is compiled static instead you won't see the shared library but that is okay. If so then very likely the Apache is compiled with SSL support.

Probably if you intend to use the OS-packaged Apache and SSL configuration already exists in ssl.conf out of the box, then quite likely the SSL module is already compiled (but not necessarily enabled).

Then you can proceed to ssl.conf configuration as instructed in the Apache documentation or from any external resources.

If your Apache really doesn't have SSL module compiled-in, statically or dynamically, then you need to recompile Apache. Recompiling Apache involves fetching the Apache sources from the Apache Web site and running a configure script inside. On the configure command line you need to add the --enable-ssl option to compile SSL module support. As I said, this is a compilation option, not an Apache configuration directive.

e_jeffhang · February 20, 2006, 4:20am

Thank you:)