Jeffrey Koch wrote:
>
> I'm a bit confused on how to setup Apache-SSl. We already have a
> functioning Apache web server and want to add SSL to it. Now here are the
> questions:
>
> 1. Is the normal installation to have Apache-SSL replace the
> non-SSL httpd service and provide both SSL and non-SSL service or do we
> run two servers at the same time Apache and Apache-SSL?
It's cleaner and easier to have httpsd handle them both.
>
> 2. The installation left me with a directory /usr/local/etc/httpd/conf
> which contains srm.conf, access.conf, httpd.conf and mime.types. These
> appeared to be normal Apache conf files. It also left me with
> /usr/local/etc/httpd/SSLconf/conf which contains access.conf, fdd948c7.0@,
> httpd.conf, mime.types and srm.conf. Access.conf and srm.conf are supposed
> to be empty (which they are) and httpd.conf has the SSL configuration
> lines. I have no idea what fdd948c7.0 and why it is linked to
> /usr/local/etc/ssl/conf/httpsd.pem.
>
> - So what is fdd948c7.0?
> - And are the conf files in SSLconf/conf supposed to be copied into
> /usr/local/etc/httpd/conf to replace the original Apache stuff? And, if
> so, is the httpd.conf file suppoed to be expanded to include all the
> directives from our srm, access and httpd.conf files.
The preffered method these days is to use only httpd.conf and scrap the
rest (apart from mime.types, natch). To support your existing virtual
hosts, together with SSL based stuff, make sure the following is in your
main config:
Port 443
Listen 443
Listen 80
Then add:
SSLDisable
Port 80
To any virtual hosts that are not to be SSL'd.
cheers,
Adam
--
Adam Laurie Tel: +44 (181) 742 0755
A.L. Digital Ltd. Fax: +44 (181) 742 5995
Voysey House
Barley Mow Passage http://www.aldigital.co.uk
London W4 4GB mailto:adam@algroup.co.uk
UNITED KINGDOM PGP key on keyservers