Re: apache + libapache-mod-ssl vs. apache-ssl?

To: debian-apache@lists.debian.org
Subject: Re: apache + libapache-mod-ssl vs. apache-ssl?
From: Andrew Shugg <andrew@neep.com.au>
Date: Sat, 1 Mar 2003 18:19:00 +0800
Message-id: <[🔎] 20030301181858.A23492@neep.com.au>
Mail-followup-to: debian-apache@lists.debian.org
In-reply-to: <20030224042938.GC2489@eschatek.com>; from cipher@eschatek.com on Sun, Feb 23, 2003 at 08:29:38PM -0800
References: <20030224042938.GC2489@eschatek.com>

J B Bell said:
> Hello all,
> 
> I'm unclear on the intention of the apache-ssl package.  It doesn't
> provide a daemon with the ssl library compiled in, yet it uses a
> different (apparently) DSO from the one obtainable as a separate
> package.
> 
> Currently I'm using the plain vanilla apache pkg and would like to add
> SSL.  Unfortunately, after doing the dance as written in
> /usr/share/doc scripture, while the ssl_engine_log and error.log give
> every indication that SSL is up and running, connections to port 443
> are rejected, and netstat -l reveals no listening on port 443 at all.
> I think this eliminates my firewall (shorewall, fwiw) as a culprit,
> which has a hole for port 443 anyway.
> 
> Am I doing something heinously wrong by even adding libapache-mod-ssl
> to the plain vanilla apache package?  Is there some canonical
> Debianish way of handling SSL that I'm missing?  All replies, even
> surly demands to read appropriate docs (if a pointer is included) are
> greatly appreciated.
> 
> --JB

They are two different things - apache-ssl and apache+mod_ssl.

If you refer to the Apache-SSL web site, there is a polite note to this
effect:

     There appears to be some confusion regarding Apache-SSL and
     mod_ssl. To set the record straight: mod_ssl is not a replacement
     for Apache-SSL - it is an alternative, in the same way that Apache
     is an alternative to Netscape/Microsoft servers, or Linux is an
     alternative to FreeBSD. It is a matter of personal choice as to
     which you run. mod_ssl is what is known as a 'split' - i.e. it was
     originally derived from Apache-SSL, but has been extensively
     redeveloped so the code now bears little relation to the original.

     Apache-SSL continues to be developed and maintained, our main focus
     being on reliability, security and performance, rather than
     features and bells and whistles. I hope this makes things clear.
     (Adam Laurie).

I'm not entirely clear on what you've got installed.  For apache and
mod_ssl you should refer to the information in the libapache-mod-ssl-doc
package; for apache-ssl you've got /usr/share/doc/apache-ssl/* ...

Andrew.

-- 
Andrew Shugg <andrew@neep.com.au>                   http://www.neep.com.au/

"Just remember, Mr Fawlty, there's always someone worse off than yourself."
"Is there?  Well I'd like to meet him.  I could do with a good laugh."

Reply to:

Follow-Ups:
- Re: apache + libapache-mod-ssl vs. apache-ssl?
  - From: J B Bell <cipher@eschatek.com>

Next by Date: Re: EAPI_MM support for apache
Next by thread: Re: apache + libapache-mod-ssl vs. apache-ssl?
Index(es):
- Date
- Thread