Date: Mon, 11 Jun 2007 11:58:10 -0400 From: Patrick Baldwin <Patrick.Baldwin@studsvikscandpower.com> Cc: freebsd-questions@freebsd.org Subject: Re: [freebsd-questions] Best way to add SSL to Apache 1.3.37 Message-ID: <466D7112.5060304@studsvik.com> In-Reply-To: <20070608110303.49a9a605@localhost> References: <46682C53.8060505@studsvikscandpower.com> <20070608110303.49a9a605@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
Norberto Meijome wrote: > On Thu, 07 Jun 2007 12:03:31 -0400 > Patrick Baldwin <Patrick.Baldwin@studsvikscandpower.com> wrote: > > >>Hi, I'm running 6.2-RELEASE-p4, and Apache 1.3.37. I'd like to >>add SSL support, but I'm not sure of the best way to go about it. >> > > > may I ask why are you using Apache 1.3.x ? I think Apache 2 has shown itself to > be pretty good and reliable by now Using 1.3.x because I'm trying to set up a webmail server, and most of the docs I could find were written with 1.3.x in mind. Also, I'm more familiar with 1.3.x >>In: >> >>http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-apache.html >> >>Specifically section 27.7.5.1, it mentions you can add ssl support with >>mod_ssl, but I don't see it in my ports tree. >> >>I also found this: >>http://www.bsdguides.org/guides/freebsd/webserver/apache_ssl_php_mysql.php >> >>Which seems to suggest that I'd need to have installed the apache >>port /usr/ports/www/apache13-modssl instead of the package apache-1.3.37_3. > > > Indeed. > > >> >>So, do I need to remove the apache-1.3.37_3 package (presumably with >>pkg_delete, as I think that's the cleanest way, please correct me if I'm >>wrong), > > > pkg_deinstall apache-1.3* Excellent, thanks. I hadn't seen pkg_deinstall before, but checking out the man page seems to suggest I really should have been using it instead of pkg_delete; understanding wildcards and being able to recurse through dependencies seems very helpful. >> and re-install from the apache13-modssl port, or is there in >>fact some way to just get mod_ssl and add to my existing Apache >>configuration? > > > There may be, i haven't touched the 1.3 apache stuff for several years. If you > install www/apache22, it builds the SSL components by default. > > >>If both options are possible, is one better than the >>other? > > > You cannot have, by default (ie, withouth tinkering and knowing what you are > doing) both apache13 and apache13-mod_ssl. they are listed conflicts.( in the > Makefile for the port, search for the CONFLICTS line) > OK, I saw that, and then went and checked it for apache2: webmail# pwd /usr/ports/www/apache22 webmail# cat Makefile | grep CONFLICTS CONFLICTS= apache+mod_ssl-1.* apache+mod_ssl+ipv6-1.* apache+mod_ssl+modsnmp-1.* \ CONFLICTS+= apr-1.* This seems to me that I can have apache13 (without any SSL) and apache22 both installed, which would be great for me as I could work on building an SSL capable webmail server while users can still use the old webmail while the new one is in progress. >>I'd prefer not to have to re-do my apache install, but if >>there's some compelling reason I should, I'm interested in knowing it. > > > if you want ssl... Then I'm going to need to re-do apache some way, whether it be re-install and add SSL support to apache13, or move to apache22, got it. >>Also, when I've got it, I want users to have the option to use it, >>not be forced to (tinkering with a Squirrelmail webmail server here), so >>any information on that would be more than welcome. > > > Not sure what you mean by this. Your users will use HTTPS if they so request > it, or HTTP if they point it to http://yourserver/.... > I want my users to have the option to use SSL, but if they're having problems with it (browser issues, etc.) I still want them to be able to read their email, as sometime it's absolutely essential that they be able to keep up with email while on the road. -- Patrick Baldwin Systems Administrator Studsvik Scandpower, Inc. 1087 Beacon St. Newton, MA 02459 1-617-965-7455
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?466D7112.5060304>