Installation Configuration of the Module MOD_ssl

The WWW server has base data encryption support built-in. There is a second port reserved for secure socket layer (SSL) connections. But the WWW server main part isn't able to handle data encryption - this has to be done by an external module. MOD_ssl contains initialization, encryption and decryption methods using OpenSSL (which was established on SSLeay by Eric Young - eay@cryptsoft.com).

Why this separation?

In some countries data encryption is prohibited by law, in others it is restricted. The USA for instance prohibits export of strong data encryption, France prohibits use of data encryption for private use same as Russia does. The module - as mentioned above - relies on an external library. If this library is missing the operating system isn't able to load the module. If encryption would be completely in the main program, in that case no operation would be possible at all. So, that way, only the module can't be loaded and access to the second port is blocked.
Notes:

Configuration?

Configuration is done via configuration section - see module configuration for module MOD_ssl. The configuration parameters are currently limited to PEM file path and name. The PEM file contains the server certificate. On the initial start-up, the test certificate is set.
Note:

^

Table of Contents
Table of
Contents
Index
Index A-Z
Server Administration
Server Ad-
ministration
Copyright
Copyright
Notes
©. 1998-2000 by Dirk Ohme