blob: 17697fd23cb3f186a137d1d02a71e78316afbbdc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
Apache 1.3 + mod_ssl 2.8 ``mod_ssl combines the flexibility of
======================== Apache with the security of OpenSSL.''
The Apache Interface to OpenSSL ``The best SSL solution for
http://www.modssl.org/ Apache money can't buy.''
This is Apache version 1.3 plus mod_ssl which provides strong cryptography
via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS
v1) protocols by the help of the SSL/TLS implementation toolkit OpenSSL which
is based on SSLeay from Eric A. Young and Tim J. Hudson. The mod_ssl package
was created in April 1998 by Ralf S. Engelschall and was originally derived
from software developed by Ben Laurie for use in the Apache-SSL HTTP server
project.
As a summary, here are its main SSL/TLS-related features:
o Open-Source software (BSD-style license)
o Useable for both commercial and non-commercial use
o Available for both Unix and Win32 (Windows 95/98/NT) platforms
o 128-bit strong cryptography world-wide
o Support for SSLv2, SSLv3 and TLSv1 protocols
o Support for both RSA and Diffie-Hellman ciphers
o Clean reviewable ANSI C source code
o Clean Apache module architecture
o Integrates seamlessly into Apache through an Extended API (EAPI)
o Full Dynamic Shared Object (DSO) support
o Advanced pass-phrase handling for private keys
o X.509 certificate based authentication for both client and server
o X.509 certificate revocation list (CRL) support
o Support for per-URL renegotiation of SSL handshake parameters
o Support for explicit seeding of the PRNG from external sources
o Additional boolean-expression based access control facility
o Backward compatibility to other Apache SSL solutions
o Inter-process SSL session cache (DBM and Shared Memory based)
o Powerful dedicated SSL engine logging facility
o Simple and robust application to Apache source trees
o Fully integrated into the Apache 1.3 configuration mechanism
o Additional integration into the Apache Autoconf-style Interface (APACI)
o Assistance in X.509v3 certificate generation (both RSA and DSA)
o Experimental support for external Crypto Devices (OpenSSL ENGINE)
All documentation can be found on-line on the Web:
o Apache: http://www.apache.org/
o mod_ssl: http://www.modssl.org/
o OpenSSL: http://www.openssl.org/
|