Date: Fri, 8 Jun 2007 09:17:46 +0700 (ICT) From: Olivier Nicole <on@cs.ait.ac.th> To: Patrick.Baldwin@studsvikscandpower.com Cc: freebsd-questions@freebsd.org Subject: Re: [freebsd-questions] Best way to add SSL to Apache 1.3.37 Message-ID: <200706080217.l582Hk1f088594@banyan.cs.ait.ac.th> In-Reply-To: <46682C53.8060505@studsvikscandpower.com> (message from Patrick Baldwin on Thu, 07 Jun 2007 12:03:31 -0400) References: <46682C53.8060505@studsvikscandpower.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Which seems to suggest that I'd need to have installed the apache > port /usr/ports/www/apache13-modssl instead of the package apache-1.3.37_3. Right. > So, do I need to remove the apache-1.3.37_3 package (presumably with > pkg_delete, as I think that's the cleanest way, please correct me if I'm You use the same/reverse way to remove that you use to install. > wrong), and re-install from the apache13-modssl port, or is there in > fact some way to just get mod_ssl and add to my existing Apache The you install apache-modssl from the ports. Of course you can install mod-ssl from the source by hand. > configuration? If both options are possible, is one better than the > other? I'd prefer not to have to re-do my apache install, but if > there's some compelling reason I should, I'm interested in knowing it. You would have to modify the httpd.conf to activate SSL anyway. Have you a lot of things in the config yet? > Also, when I've got it, I want users to have the option to use it, > not be forced to (tinkering with a Squirrelmail webmail server here), so > any information on that would be more than welcome. Any reason why you don't want to force your user to go SSL. They will be exchanging password over the network, better it is crypted, don't you think? If it is a matter of not purchasing a certificate, you can put up a page on the way to install the certificate once for all so the users are not requested again to accept the certificate. Usual configuration of Apache normally allows you to set-up two servers, one on port 80 that is not crypted and one on port 443 that is using SSL. Both services can share the same web pages, giving acces both with and without SSL. Bests, olivier
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200706080217.l582Hk1f088594>