Installing Apache to Use SSL

This section describes how to install a secure version of the Apache web server. There are three major differences encountered when installing Apache to use SSL versus installing Apache normally:

Secure Sockets Layer software is required.

There are several sources of Secure Sockets Layer software. The OpenSSL is probably the most-commonly used with Apache

SSL patches must be applied to the Apache code before it is configured and compiled.

Unlike installing other Apache modules, SSL installation requires that the core Apache source code be modified or patched. Normal Apache modules—such as the PHP module—interact with Apache using a defined application programming interface or API. The Apache API provides functions that hide the details of dealing with HTTP from Apache module developers.

However, the code that implements SSL needs to encrypt and decrypt HTTP requests and responses. The Apache API is aimed at the wrong level, and SSL patches need to be applied to Apache. There are several open source and commercial SSL extensions and patches to Apache available. ApacheSSL (http://www.apache-ssl.org ) and mod_ssl (http://www.modssl.org) are both open source and easy to install. We describe the installation of ApacheSSL in this section.

A site certificate needs to be obtained and configured.

A self-signed certificate can be created, but it needs to replaced with a purchased certificate from a Certification Authority when an application goes live. There ...

Get Web Database Applications with PHP, and MySQL now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.