Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [mod-ssl]

The Apache Httpd interface to OpenSSL

mod_ssl is a module for the Apache HTTPD webserver which allows it to perform SSL and TLS encryption on connections. Documentation is provided by Apache covering installation and setup for httpd 2.0 and 2.2

This tag should be used for questions around compiling, building, configuring, extending, provisioning, debugging and using mod_ssl.

For questions around building Apache modules on top of mod_ssl, or working on the code, the mod-ssl tag on StackOverflow is likely to be a better place to ask.

272 questions
3
votes
1 answer

SHA-2 signed SSL certificate crashes apache on startup on CentOS 5.X

In preparation of the warnings that are going to start showing up in browsers when visiting SSL sites with SHA1 signed certificates, I wanted to get all of the certs that I have upgraded. Some of my infrastructure is running on "legacy" CentOS 5.X…
Steakfest
  • 51
  • 1
  • 5
3
votes
1 answer

Understanding relationship between openssl & mod_ssl

I am bit confused between openssl & mod_ssl, so after hours of googling & readding documentation i have to post my query here .. I am on apache 2 which has ssl inbuilt, so where can i check which openssl version is being used .. is it the machine's…
Anuj Tomar
  • 31
  • 1
  • 3
3
votes
1 answer

Apache SSL Certificate and Basic Auth combination - password if no certificate

Is it possible, to force apache to ask for password only if user don't have client-certificate installed? I'm almost sure, that this is possible, but I'm not able to find any confirmation anywhere. Is it possible to configure apache to act like…
Lisek
  • 309
  • 2
  • 7
  • 15
3
votes
1 answer

Discrepancy in SSL Ciphers between Apache 2.2 and OpenSSL 1.0.1

I'm running up-to-date Ubuntu 12.04 LTS with Apache 2.2.22-1ubuntu1.4 and OpenSSL 1.0.1-4ubuntu5.11. I have configured Apache to use ciphersuites list from https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_Ciphersuite It looks like…
Mxx
  • 2,362
  • 2
  • 28
  • 40
3
votes
1 answer

Certificates when using cas+apache (mod_auth_cas)

I'm running CAS authentication on one server, and a website that is to be secured on a seperate server on my local network. When I ran both CAS and Apache on the same server, they worked fine. When I separated them to two different physical hosts,…
Henrik Kjus Alstad
  • 263
  • 2
  • 9
3
votes
1 answer

is it possible to use KeyChain / ssh-agent with apache?

There are a lots a question (and duplicates) on serverfault asking how restart Apache without the passphrase prompt. Two solutions are proposed : removing the password from the key the apache directive that supply the key to Apache…
snowflake
  • 127
  • 3
  • 12
3
votes
1 answer

Is it possible to do client certificate authentication without running HTTPS on a webserver?

(Please note: this question is one of many "why don't you just try it?" questions. I certainly will, but since I haven't found an obvious answer by googling, I thought I might as well make it easier for someone who might need this later by asking on…
Nikolai Prokoschenko
  • 553
  • 1
  • 7
  • 21
3
votes
1 answer

How to setup multiple Apache SSL sites using multiple IP addresses

How do you setup a single Apache2 config to host multiple HTTPS sites each on their own IP address? There will also be multiple HTTP sites on just a single IP address. I do not want to use Server Name Indication (SNI) as described here, and I'm only…
Jeff
  • 1,416
  • 3
  • 28
  • 50
3
votes
1 answer

SSLVerifyClient not working in Directory context

According to Apache documentation about SSLVerifyClient, one can define its value in Directory context. However, the following configuration is not working: ... DocumentRoot…
elitalon
  • 209
  • 5
  • 15
3
votes
2 answers

Apache won't start after installing mod_ssl on CentOS

I need to run both http and https on the same hostnames on my server. I had everything running without SSL with hosts configured in the /etc/httpd/conf.d directory. System: CentOS release 5.6 (Final) Server: Apache/2.2.3 I was following the…
Ade
  • 699
  • 3
  • 10
  • 21
3
votes
3 answers

How can I install mod_ssl on an existing Apache2 installation without recompiling Apache

Updated question Older question Is mod_ssl not for versions of Apache over 1.3.41? I've got version 2.2.17 (currently latest) http://www.modssl.org/ Original question ./configure --with-apxs=/usr/local/apache/bin/apxs Configuring mod_ssl/2.8.30 for…
gAMBOOKa
  • 999
  • 6
  • 19
  • 34
2
votes
1 answer

OpenSSL error when compiling Apache HTTPD - undefined reference to `SSL_in_init'

We run Apache HTTPD as a production load balancer using mod_ssl with OpenSSL. I'm trying to recompile Apache HTTPD on the latest version (2.4.41) and am encountering the following error when running make. I'll include the error, but if more of the…
DGoodman
  • 43
  • 1
  • 5
2
votes
1 answer

How to Install mod_ssl on RHEL7 when it's missing from yum

I've been given a RHEL7 server with Apache 2.4.6 and OpenSSL and I would like to install mod_ssl. The issue is yum doesn't find the package: yum install mod_ssl No package mod_ssl available. Error: Nothing to do Also it is not found during a…
ServerBloke
  • 402
  • 1
  • 10
  • 20
2
votes
1 answer

SSLRequire %{SSL_CLIENT_S_DN_CN}

Q1) I'm new to Apache HTTP Server, I'm trying to configure the SSLRequire for particular contexts. Below are the 2 cases: a) Checking against CA-Signed Certificate's attributes, it is working as expected:
Damon Soon
  • 21
  • 1
  • 3
2
votes
1 answer

Why is my request queueing time so high?

I am running a Rails application server. My setup is: Apache 2, using mod_ssl for both https and ssl client certificates Phusion Passenger 5 Rails 4 Ruby 2.1 I use NewRelic to monitor the running application. I recently enabled monitoring for…
YWCA Hello
  • 203
  • 1
  • 2
  • 9
1 2 3
18 19