HOME

TheInfoList



Click Here for Items Related To - mod ssl
OR:
mod ssl on:   [Wikipedia]   [Google]   [Amazon]

mod_ssl is an optional module for the
Apache HTTP Server The Apache HTTP Server ( ) is a free and open-source software, free and open-source cross-platform web server, released under the terms of Apache License, Apache License 2.0. It is developed and maintained by a community of developers under the ...
. It provides strong
cryptography Cryptography, or cryptology (from "hidden, secret"; and ''graphein'', "to write", or ''-logy, -logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of Adversary (cryptography), ...
for the Apache v1.3 and v2 webserver via the Secure Sockets Layer (SSL v2/v3) and
Transport Layer Security Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network, such as the Internet. The protocol is widely used in applications such as email, instant messaging, and voice over ...
(TLS v1)
cryptographic protocol A cryptographic protocol is an abstract or concrete Communications protocol, protocol that performs a information security, security-related function and applies cryptographic methods, often as sequences of cryptographic primitives. A protocol desc ...
s by the help of the Open Source SSL/TLS toolkit
OpenSSL OpenSSL is a software library for applications that provide secure communications over computer networks against eavesdropping, and identify the party at the other end. It is widely used by Internet servers, including the majority of HTTPS web ...
.


History

The mod_ssl v1 package was initially created in April 1998 by Ralf S. Engelschall via porting Ben Laurie's Apache-SSL 1.17 source patches for Apache 1.2.6 to Apache 1.3b6. Because of conflicts with Ben Laurie's development cycle it then was re-assembled from scratch for Apache 1.3.0 by merging the old mod_ssl 1.x with the newer Apache-SSL 1.18. From this point on mod_ssl lived its own life as mod_ssl v2. The first publicly released version was mod_ssl 2.0.0 from August 10, 1998. After US export restrictions on cryptographic software were loosened, mod_ssl became part of the Apache HTTP Server with the release of Apache httpd 2. As of October 10, 2009, the latest version released for mod_ssl in Apache 1.3 is mod_ssl v2.8.31-1.3.41 on February 8, 2008.


Overview

The original version created for Apache v1.3 was initially created in April 1998 by Ralf S. Engelschall via porting Ben Laurie'
Apache-SSL
1.17 source patches for Apache 1.2.6 to Apache 1.3b6. This version is under a BSD-style license. The version for v2.0 and later, in contrast, is maintained by
Apache Software Foundation The Apache Software Foundation ( ; ASF) is an American nonprofit corporation (classified as a 501(c)(3) organization in the United States) to support a number of open-source software projects. The ASF was formed from a group of developers of the ...
and licensed under
Apache License The Apache License is a permissive free software license written by the Apache Software Foundation (ASF). It allows users to use the software for any purpose, to distribute it, to modify it, and to distribute modified versions of the software ...
2.0. It is possible to provide
HTTP HTTP (Hypertext Transfer Protocol) is an application layer protocol in the Internet protocol suite model for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web, wher ...
and
HTTPS Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It uses encryption for secure communication over a computer network, and is widely used on the Internet. In HTTPS, the communication protoc ...
with a single server machine, because HTTP and HTTPS use different server ports, so there is no direct conflict between them. It is either the maintainer who would run two separate Apache server instances (one binds to port 80, the other to port 443) or use Apache's
virtual hosting Virtual hosting is a method for hosting multiple domain names (with separate handling of each name) on a single server (or pool of servers). This allows one server to share its resources, such as memory and processor cycles, without requiring a ...
facility where the maintainer can create two virtual servers which Apache dispatches: one responding to port 80 and speaking HTTP and one responding to port 443 speaking HTTPS.


Differences

The original mod_ssl in Apache 1.3 available a
www.modssl.org
is a third-party add-on package requiring additional steps in the compilation and configuration process. Also, the maintainer of the server needs to resolve additional system and Apache dependencies. Apache 2, in contrast, is a built-in module maintained by
Apache Software Foundation The Apache Software Foundation ( ; ASF) is an American nonprofit corporation (classified as a 501(c)(3) organization in the United States) to support a number of open-source software projects. The ASF was formed from a group of developers of the ...
, and mod_ssl can be easily activated in the compilation and configuration options.


See also

* List of Apache Modules


References

{{Reflist


External links


Official mod_ssl websiteSSL Certificate MonitoringBusiness Logic Security Testing (BLST)
Web server software Apache httpd modules Transport Layer Security Articles with underscores in the title