mod_ssl

mod_ssl is an optional module for the Apache HTTP Server.

Provides strong cryptography for the Apache v1.3 and v2 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) cryptographic protocols by the help of the Open Source SSL/TLS toolkit OpenSSL.

It is possible to provide HTTP and HTTPS with a single server machine, because HTTP and HTTPS use different server ports, so there is no direct conflict between them. Either run two separate Apache server instances (one binds to port 80, the other to port 443) or even use Apache's virtual hosting facility where you can create two virtual servers which Apache dispatches: one responding to port 80 and speaking HTTP and one responding to port 443 speaking HTTPS.

Version clarification

The mod_ssl in Apache 2 is based on the mod_ssl for Apache 1.3, but the two versions are not the same module. The mod_ssl available at www.modssl.org is only for Apache 1.3. The mod_ssl module is part of Apache 2 by default, you just turn it on with configure/compile options, while for Apache 1.3.x it is an add-on package requiring a few other steps in the configure/compile process and additional packages to link with.

License

Free software portal

The mod_ssl package for Apache v1.3 is licensed under a BSD-style license, which basically means that you are free to get and use it for commercial and non-commercial purpose.

The mod_ssl module for Apache v2 is part of Apache v2, licensed with Apache License 2.0.

History

The mod_ssl v1 package was initially created in April 1998 by Ralf S. Engelschall via porting Ben Laurie's Apache-SSL 1.17 source patches for Apache 1.2.6 to Apache 1.3b6 ^[1]. Because of conflicts with Ben Laurie's development cycle it then was re-assembled from scratch for Apache 1.3.0 by merging the old mod_ssl 1.x with the newer Apache-SSL 1.18. From this point on mod_ssl lived its own life as mod_ssl v2.

The first publicly released version was mod_ssl 2.0.0 from August 10, 1998.

After US export restrictions on cryptographic software were loosened, mod_ssl became part of the Apache HTTP Server with the release of Apache httpd 2 ^[2].

As of 2009-10-10, latest version released ^[3]: mod_ssl v2.8.31-1.3.41, for Apache 1.3.41, on 2008-02-08.

See also

Some general purpose Apache modules

• mod_deflate — compress content before it is delivered to the client. For Apache v2 only.
• mod_gzip — compress content, similar to mod_deflate. For Apache v1 and v2.
• mod_proxy — a proxy/cache for Apache.
• mod_rewrite — a URL rewriter for Apache.

Some programming language interfaces for Apache

• Apache Rivet — a programming system that allows developers to use Tcl as a scripting language for creating dynamic web sites. See also mod_tcl.
• mod_jk — the connector used to connect Tomcat (Java) servlet container with web servers (not only with Apache).
• mod_lisp — and extension module for Apache that enables Apache to interface with web applications written in Lisp.
• mod_lua — embeds a Lua interpreter into Apache. See also mod_wombat.
• mod_mono — a module for Apache that allows for hosting of ASP.NET pages and other assemblies on multiple platforms by use of the Mono development platform.
• mod_parrot — embeds a Parrot virtual machine interpreter into the Apache server.
• mod_perl — embeds a Perl interpreter into Apache.
• mod_php — embeds a PHP interpreter into Apache.
• mod_python — embeds a Python interpreter into Apache. See also mod_wsgi.
• mod_ruby — embeds a Ruby interpreter into Apache.
• mod_tcl — language interface to Tcl for Apache. See also Apache Rivet.
• mod_wombat — embeds a Lua interpreter into Apache. See also mod_lua.
• mod_wsgi — provides a WSGI compliant interface for hosting Python 2.3+ based web applications under Apache. See also mod_python.

External links

• Official mod_ssl website — this module only for Apache 1.x.
  • Support: its mailing lists.
• Apache Module mod_ssl — mod_ssl is part of Apache 2 by default.

Notes