CONTENTS

Apache SSL

Tutorial Overview. This tutorial will guide you through the steps required to configure Apache with SSL. This tutorial includes two separate ways to accomplish this. The first, which starts on page 2, will use the Apache package which includes the files needed for OpenSSL. The second, which starts on page 3, will install Apache and OpenSSL separately. Generally, using the package is simpler as it requires less modification and there are fewer files to download. The deliverables are listed on page 6. Note: Only complete one of the two methods.

This tutorial is used in IS2771 Security in E-Commerce.

SSL. Short for Secure Sockets Layer, a protocol developed by Netscape for transmitting private documents via the Internet. SSL uses a cryptographic system that uses two keys to encrypt data, a public key known to everyone and a private or secret key known only to the recipient of the message.

Apache2. The Apache HTTP Server is a commercial-grade, open source implementation of a web server.

OpenSSL. OpenSSL is an open source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols as well as a full-strength general purpose cryptography library. The openssl program is a command line tool that is used for the various cryptography functions and will be used to create and manage your private keys and certificates.

Mod_SSL. This module provides cryptography for Apache via the Secure Socket Layer and Transport Layer Security protocols with the help of OpenSSL.