Chapter 25. Apache HTTP Secure Server Configuration
This chapter provides basic information on the Apache HTTP Server with the
mod_sslsecurity module enabled to use the OpenSSL library and toolkit. The combination of these three components are referred to in this chapter as the secure Web server or just as the secure server.
mod_sslmodule is a security module for the Apache HTTP Server. The
mod_sslmodule uses the tools provided by the OpenSSL Project to add a very important feature to the Apache HTTP Server — the ability to encrypt communications. In contrast, regular HTTP communications between a browser and a Web server are sent in plain text, which could be intercepted and read by someone along the route between the browser and the server.
This chapter is not meant to be complete and exclusive documentation for any of these programs. When possible, this guide points to appropriate places where you can find more in-depth documentation on particular subjects.
This chapter shows you how to install these programs. You can also learn the steps necessary to generate a private key and a certificate request, how to generate your own self-signed certificate, and how to install a certificate to use with your secure server.
mod_sslconfiguration file is located at
/etc/httpd/conf.d/ssl.conf. For this file to be loaded, and hence for
mod_sslto work, you must have the statement
Include conf.d/*.confin the
/etc/httpd/conf/httpd.conffile. This statement is included by default in the default Apache HTTP Server configuration file.