This chapter provides basic information on the Apache HTTP Server with the
mod_ssl security module enabled to use the OpenSSL
library and toolkit. The combination of these three components
are referred to in this chapter as the secure Web server or just
as the secure server.
The mod_ssl module is a security module for the
Apache HTTP Server. The mod_ssl module uses the
tools provided by the OpenSSL Project to add a very important feature to the
Apache HTTP Server — the ability to encrypt communications. In contrast,
regular HTTP communications between a browser and a Web server
are sent in plain text, which could be intercepted and read by someone
along the route between the browser and the server.
This chapter is not meant to be complete and exclusive documentation for
any of these programs. When possible, this guide points to
appropriate places where you can find more in-depth documentation on
particular subjects.
This chapter shows you how to install these programs. You can also
learn the steps necessary to generate a private key and a certificate
request, how to generate your own self-signed certificate, and how to
install a certificate to use with your secure server.
The mod_ssl configuration file is located at
/etc/httpd/conf.d/ssl.conf. For this file to be
loaded, and hence for mod_ssl to work, you must
have the statement Include
conf.d/*.conf in the
/etc/httpd/conf/httpd.conf file. This statement is
included by default in the default Apache HTTP Server configuration file.
