Date: Mon, 11 Jun 2007 12:06:58 -0400 From: Patrick Baldwin <Patrick.Baldwin@studsvikscandpower.com> Cc: freebsd-questions@freebsd.org Subject: Re: [freebsd-questions] Best way to add SSL to Apache 1.3.37 Message-ID: <466D7322.1080602@studsvik.com> In-Reply-To: <200706080217.l582Hk1f088594@banyan.cs.ait.ac.th> References: <46682C53.8060505@studsvikscandpower.com> <200706080217.l582Hk1f088594@banyan.cs.ait.ac.th>
next in thread | previous in thread | raw e-mail | index | archive | help
Olivier Nicole wrote: [snip] >>configuration? If both options are possible, is one better than the >>other? I'd prefer not to have to re-do my apache install, but if >>there's some compelling reason I should, I'm interested in knowing it. > > > You would have to modify the httpd.conf to activate SSL anyway. > > Have you a lot of things in the config yet? Just what I needed to get our webmail server running. Initially tried Horde, but ended up running into some problems with that, now trying Squirrelmail. >>Also, when I've got it, I want users to have the option to use it, >>not be forced to (tinkering with a Squirrelmail webmail server here), so >>any information on that would be more than welcome. > > > Any reason why you don't want to force your user to go SSL. They will > be exchanging password over the network, better it is crypted, don't > you think? Yes, absolutely, that's why I want the option to use SSL. However, we have some users that travel a lot, and sometime they absolutely need to be able to get to their email. SSL introduces another layer of complexity, and thus possibility for failure, into checking their email. While I prefer the security of SSL, if it's a choice between no email access for our travellers and access without SSL, my boss has been pretty clear that access, however it's achieved, is the key issue. > If it is a matter of not purchasing a certificate, you can put up a > page on the way to install the certificate once for all so the users > are not requested again to accept the certificate. While that's not really the issue for me, I'm interested in this idea anyway, as it saves some money and keeps us a little more self sufficient. If you'd care to explain this in further detail, or just point me at a doc somewhere that does, it would be much appreciated. > Usual configuration of Apache normally allows you to set-up two > servers, one on port 80 that is not crypted and one on port 443 that > is using SSL. Both services can share the same web pages, giving acces > both with and without SSL. I guess now I need to hit Google and find out how to do this on FreeBSD, as it sounds just like what I want, thanks! Regards, -- Patrick Baldwin Systems Administrator Studsvik Scandpower, Inc. 1087 Beacon St. Newton, MA 02459 1-617-965-7455
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?466D7322.1080602>