Manualshelf

Installation guide

ManualsBrandsRed Hat ManualsSoftwareNETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
131132133134135136137138139140
Chapter 14.
Apache Secure Server Configuration
14.1. Introduction
This chapter provides basic information on an Apache server with the mod_ssl security
module enabled to use the OpenSSL library and toolkit. The combination of these three
components, provided with Red Hat Linux, will be referred to in this chapter as the secure
Web server or just as the secure server.
The mod_ssl module is a security module for the Apache Web server. The mod_ssl module
uses the tools provided by the OpenSSL Project to add a very important feature to Apache
— the ability to encrypt communications. In contrast, using regular HTTP, communications
between a browser and a Web server are sent in plaintext, which could be intercepted and
read by someone along the route between the browser and the server.
This chapter is not meant to be complete and exclusive documentation for any of these pro-
grams. When possible, this guide will point you to appropriate places where you can find
more in-depth documentation on particular subjects.
This chapter will show you how to install these programs. You will also learn the steps
necessary to generate a private key and a certificate request, how to generate your own self-
signed certificate, and how to install a certificate to use with your secure Web server.
14.2. An Overview of Security-Related Packages
To enable the secure server, you need to have the following packages installed at a minimum:
apache
The apache package contains the httpd daemon and related utilities, configuration files,
icons, Apache modules, man pages and other files used by the Apache Web server.
mod_ssl
The mod_ssl package includes the mod_ssl module, which provides strong cryptogra-
phy for the Apache Web server via the Secure Sockets Layer (SSL) and Transport Layer
Security (TLS) protocols.
openssl
The openssl package contains the OpenSSL toolkit. The OpenSSL toolkit implements
the SSL and TLS protocols and also includes a general purpose cryptography library.
mm
The mm package contains the MM library, which allows multiple instances of the httpd
daemon to share state information.
Additionally, other software packages included with Red Hat Linux can provide certain se-
curity functionalities (but are not required by the secure server to function):