Includes SSLeay Encryption Software

Module mod_ssl
Apache Interface to SSLeay


mod_ssl

Summary

This module provides strong cryptography for Apache via Netscape's Secure Socket Layer (SSL) through the free SSL implementation library SSLeay from Eric A. Young and Tim Hudson. The mod_ssl package was created by Ralf S. Engelschall and is based in parts on the Apache-SSL package developed by Ben Laurie. The mod_ssl package is licensed under a BSD-style license, which means, in short, that you are free to use it for commercial and non-commercial purposes (although you are advised to read the `` SSLeay - Is this legal'' FAQ before deploying a server), so long as you retain the copyright notices.

Restrictions

ATTENTION: This module uses strong cryptography and falls under certain export/import and use restrictions: Please REMEMBER that export and/or use of cryptography software or even just providing cryptography hooks is illegal in some parts of the world. When you re-distribute this package or even email patches/suggestions to the authors or other people PLEASE PAY CLOSE ATTENTION TO ANY APPLICABLE EXPORT/IMPORT LAWS. The author of mod_ssl is not liable for any violations you make here. So be carefully yourself.

Installation

Actually this module it is both a source extension (the module) and set of source patches for Apache. But because the main source parts are containing in the src/modules/ssl/ subdirectory as a regular Apache module it is documented like a standard module. It is not compiled in by default. You have to configure Apache via
$ SSL_BASE=/path/to/ssleay ./configure ... --enable-module=ssl
to enable this module and the source patches in the Apache kernel sources.


Directives

Additional Features

Frequently Asked Questions

  1. What are the differences between mod_ssl and the original Apache-SSL?
  2. Ok, does this mean I should avoid using Apache-SSL any longer?
  3. On which Apache-SSL version is mod_ssl actually based?
  4. Why is mod_ssl's version starting with 2.0.0?
  5. How do I know which mod_ssl version is for which Apache version?
  6. I want to run HTTP and HTTPS on the same machine. Is that possible?
  7. I know that HTTP is on port 80, but where is HTTPS?
  8. How can I speak HTTPS manually for testing puposes?
  9. What are RSA private keys, CSR's and Certificates?
  10. Seems like there is a difference on startup between the original Apache and an SSL-aware Apache?
  11. How can I create a dummy SSL server certificate for testing purposes?
  12. Ok, I've got my server installed and not want to create a real SSL server certificate for it. How do I do it?
  13. How can I create and use my own Certificate Authority (CA)?
  14. How can I get rid of the pass-phrase dialog on Apache startup time?
  15. How do I verify that a private key matches its certificate?
  16. Why does my 2048-bit private key not work?
  17. Why is client authentication broken after upgrading from SSLeay version 0.8 to 0.9?
  18. Why does my browser hang when I connect to my SSL-aware Apache server?
  19. How can I use relative hyperlinks to switch between HTTP and HTTPS?
  20. Why has my webserver a higher load now that I run SSL there?
  21. What SSL Ciphers are supported by mod_ssl?
  22. Why cannot I use SSL with my name-based virtual hosts?


Directives


SSLDisable

Syntax: SSLDisable
Default: SSLEnable
Context: server config, virtual host
Override: Not applicable
Status: Extension
Module: mod_ssl
Compatibility: Only available in Apache 1.3 with mod_ssl applied.

This directive disables the SSL protocol engine. Usually used inside the main server to disable SSL for it while there are other virtual servers for which SSL is enabled (via SSLEnable).

Example:

SSLDisable
...
<VirtualHost _default_:443>
...
</VirtualHost>


SSLEnable

Syntax: SSLEnable
Default: SSLEnable
Context: server config, virtual host
Override: Not applicable
Status: Extension
Module: mod_ssl
Compatibility: Only available in Apache 1.3 with mod_ssl applied.

This directive enables the SSL protocol engine. Usually used inside a virtual host to enable SSL for it.

Example:

...
<VirtualHost _default_:443>
SSLEnable
...
</VirtualHost>


SSLRequireSSL

Syntax: SSLRequireSSL
Default: None
Context: directory, .htaccess
Override: Not applicable
Status: Extension
Module: mod_ssl
Compatibility: Only available in Apache 1.3 with mod_ssl applied.

This directive forbids access except when SSL is in use. Very handy inside the SSL-enabled virtual host for defending against configuration errors that expose stuff that should be protected.

Example:

SSLRequireSSL


SSLCertificateFile

Syntax: SSLCertificateFile file
Default: none
Context: server config, virtual host
Override: Not applicable
Status: Extension
Module: mod_ssl
Compatibility: Only available in Apache 1.3 with mod_ssl applied.

This directive points to a PEM-encoded SSL server Certificate file and optionally also the corresponding server RSA Private Key file. If the certificate is encrypted, you will be prompted for a pass-phrase at startup time of Apache.

Example:

SSLCertificateFile /usr/local/apache/etc/ssl.crt/server.crt


SSLCertificateKeyFile

Syntax: SSLCertificateKeyFile
Default: same file as given with SSLCertificateFile
Context: server config, virtual host
Override: Not applicable
Status: Extension
Module: mod_ssl
Compatibility: Only available in Apache 1.3 with mod_ssl applied.

This directive points to the PEM-encoded server RSA Private Key file. If the private key is not combined with the certificate in the SSLCertificateFile, use this additional directive to point at the file with the private key. When SSLCertificateFile is used and the file contains both the certificate and the private key this directive need not be used. If the private key is encrypted, you will be prompted for a pass-phrase at startup time of Apache.

Example:

SSLCertificateKeyFile /usr/local/apache/etc/ssl.key/server.key


SSLCACertificatePath

Syntax: SSLCACertificatePath directory
Default: None
Context: server config, virtual host
Override: Not applicable
Status: Extension
Module: mod_ssl
Compatibility: Only available in Apache 1.3 with mod_ssl applied.

This directive sets the directory path where you keep the Certificates (the Public Keys) of Certification Authorities (CA) whose clients you deal with. These are used for SSL Client Authentication. The files in this directory have to be PEM-encoded and are accessed through hash filenames. So usually you not only place the certificate files there. Additionally you have to create symlinks named hashvalue.0. So you should always make sure this directory contains the appropriate symlinks. Use the Makefile the mod_ssl patch added to this dir to accomplish this task.

Example:

SSLCACertificatePath /usr/local/apache/etc/ssl.crt/


SSLCACertificateFile

Syntax: SSLCACertificateFile file
Default: None
Context: server config, virtual host
Override: Not applicable
Status: Extension
Module: mod_ssl
Compatibility: Only available in Apache 1.3 with mod_ssl applied.

This directive sets the all-in-one file where you assembled the Certificates (the Public Keys) of Certificate Authorities (CA). It is used for two situations: First it is consulted by mod_ssl for client authentication and here it has to contain the certificates of the CAs whose clients you deal with (similar to SSLCACertificatePath). Second this file is sent to the client for server authentication purposes when intermediate issuer certificates are needed. Here the client can do the ``SSLv3 write Certificate request A'' for loading intermediate CA certificates in the certificate chain (only SSLv3). The file itself is simply the concatenation of the various PEM-encoded certification files.

Example:

SSLCACertificateFile /usr/local/apache/etc/ssl.crt/ca-bundle.crt


SSLVerifyClient

Syntax: SSLVerifyClient level
Default: SSLVerifyClient 0
Context: server config, virtual host
Override: Not applicable
Status: Extension
Module: mod_ssl
Compatibility: Only available in Apache 1.3 with mod_ssl applied.

This directive sets the verification level for the SSL Client Authentication. The following levels are available for level:

In practice only levels none and require are interesting. Because level optional doesn't work with all browsers and level optional_no_ca is actually against the idea of authentication.

Example:

SSLVerifyClient require


SSLVerifyDepth

Syntax: SSLVerifyDepth number
Default: SSLVerifyDepth 1
Context: server config, virtual host
Override: Not applicable
Status: Extension
Module: mod_ssl
Compatibility: Only available in Apache 1.3 with mod_ssl applied.

This directive sets how deeply SSLeay should verify before deciding the clients don't have a valid certificate. The depth actually is the number of max certificate issuers, i.e. the number of CA certificates which are max allowed to be followed while verifying the client certificate. A depth of 0 means self-signed client certificates are accepted only, the default depth of 1 means the client certificate can be self-signed or has to be signed by a CA which is directly known to the server (i.e. the CA's certificate is under SSLCACertificatePath), etc.

Example:

SSLVerifyDepth 1


SSLRequiredCiphers

Syntax: SSLRequiredCiphers cipher-list
Default: None
Context: server config, virtual host
Override: Not applicable
Status: Extension
Module: mod_ssl
Compatibility: Only available in Apache 1.3 with mod_ssl applied.

This directive sets the colon-separated list of Ciphers that the client is permitted to negotiate. But notice that not all ciphers you can configure for SSLeay are actually implemented. Especially non-RSA ciphers are not supported. The current list of known SSL chipers are the possible values:

NULL-MD5                    EDH-DSS-DES-CBC3-SHA
NULL-SHA                    EXP-EDH-RSA-DES-CBC 
EXP-RC4-MD5                 EDH-RSA-DES-CBC-SHA 
RC4-MD5                     EDH-RSA-DES-CBC3-SHA
RC4-SHA                     EXP-ADH-RC4-MD5     
EXP-RC2-CBC-MD5             ADH-RC4-MD5         
IDEA-CBC-MD5                EXP-ADH-DES-CBC-SHA 
EXP-DES-CBC-SHA             ADH-DES-CBC-SHA     
DES-CBC-SHA                 ADH-DES-CBC3-SHA    
DES-CBC3-SHA                FZA-NULL-SHA        
EXP-DH-DSS-DES-CBC-SHA      FZA-FZA-CBC-SHA     
DH-DSS-DES-CBC-SHA          FZA-RC4-SHA         
DH-DSS-DES-CBC3-SHA         DES-CFB-M1          
EXP-DH-RSA-DES-CBC-SHA      RC2-CBC-MD5         
DH-RSA-DES-CBC-SHA          DES-CBC-MD5         
DH-RSA-DES-CBC3-SHA         DES-CBC3-MD5        
EXP-EDH-DSS-DES-CBC-SHA     RC4-64-MD5          
EDH-DSS-DES-CBC-SHA

Example:

SSLRequiredCiphers RC4-MD5:RC4-SHA:IDEA-CBC-MD5:DES-CBC3-SHA


SSLRequireCipher

Syntax: SSLRequireCipher cipher-list
Default: None
Context: directory, .htaccess
Override: FileInfo
Status: Extension
Module: mod_ssl
Compatibility: Only available in Apache 1.3 with mod_ssl applied.

This directive adds a cipher to the per directory list of required ciphers.

Example:

SSLRequireCipher RC4-MD5


SSLBanCipher

Syntax: SSLBanCipher cipher-list
Default: None
Context: directory, .htaccess
Override: FileInfo
Status: Extension
Module: mod_ssl
Compatibility: Only available in Apache 1.3 with mod_ssl applied.

This directive forces a cipher to be banned in a per directory context.

Example:

SSLBanCipher RC4-MD5


SSLFakeBasicAuth

Syntax: SSLFakeBasicAuth
Default: None
Context: server config, virtual host
Override: Not applicable
Status: Extension
Module: mod_ssl
Compatibility: Only available in Apache 1.3 with mod_ssl applied.

This directive translates the client X509 into a HTTP Basic Authorization. This means that the standard Apache authentication methods can be used for access control. The user name is the subject of the client's X509 certificate (can be determined by running SSLeay's x509 command: x509 -noout -subject -in certificate.pem). Note that no password is obtained from the user. Every entry in the user file needs this password: ``xxj31ZMTZzkVA'', which is the encrypted version of the word ``password''.

Example:

SSLFakeBasicAuth


SSLCacheServerPort

Syntax: SSLCacheServerPort port
Default: None
Context: server config, virtual host
Override: Not applicable
Status: Extension
Module: mod_ssl
Compatibility: Only available in Apache 1.3 with mod_ssl applied.

This directive configures the TCP/IP port (when port is numerical) or Unix domain socket (when port is a filename) for the global SSL Session Cache server process (the program ssl_gcache).

Example:

SSLCacheServerPort logs/ssl_gcache_port


SSLCacheServerPath

Syntax: SSLCacheServerPath file
Default: None
Context: server config, virtual host
Override: Not applicable
Status: Extension
Module: mod_ssl
Compatibility: Only available in Apache 1.3 with mod_ssl applied.

This directive configures the file path for the global SSL Session Cache server process (the program ssl_gcache).

Example:

SSLCacheServerPath /usr/local/apache/sbin/ssl_gcache


SSLSessionCacheTimeout

Syntax: SSLSessionCacheTimeout seconds
Default: SSLSessionCacheTimeout 300
Context: server config, virtual host
Override: Not applicable
Status: Extension
Module: mod_ssl
Compatibility: Only available in Apache 1.3 with mod_ssl applied.

This directive set the SSL session cache timeout, in seconds. It can be set to low number like 15 for testing, but should be set to higher values like 300 in real life.

Example:

SSLSessionCacheTimeout 600


SSLLogFile

Syntax: SSLLogFile file
Default: None
Context: server config, virtual host
Override: Not applicable
Status: Extension
Module: mod_ssl
Compatibility: Only available in Apache 1.3 with mod_ssl applied.

This directive sets a home for miscellaneous messages generated by mod_ssl. Much of it is duplicated in the error log file. Put this somewhere where it cannot be used for symlink attacks on a real server (i.e. somewhere where only root can write).

Example:

SSLLogFile logs/ssl_misc_log


Additional Features


Additional Environment Variables

This module provides a few additional environment variables to the SSI and CGI interfaces:

Name Value Description



HTTPS flag HTTPS is being used.
HTTPS_CIPHER string SSL/TLS cipher specification
SSL_CIPHER string The same as HTTPS_CIPHER
SSL_PROTOCOL_VERSION string The SSL protocol version
SSL_SSLEAY_VERSION string The SSLeay program version
HTTPS_KEYSIZE number Number of bits in the session key
HTTPS_SECRETKEYSIZE number Number of bits in the secret key
SSL_CLIENT_DN string DN in client's certificate
SSL_CLIENT_x509 string Component of client's DN
SSL_CLIENT_IDN string DN of issuer of client's certificate
SSL_CLIENT_Ix509 string Component of client's issuer's DN
SSL_SERVER_DN string DN in server's certificate
SSL_SERVER_x509 string Component of server's DN
SSL_SERVER_IDN string DN of issuer of server's certificate
SSL_SERVER_Ix509 string Component of server's issuer's DN

[where x509 is a component of an X509 DN]


Additional Custom Log Formats

The source patches for mod_ssl also added four new format identifiers for the Custom Log Format of mod_log_config.
%...{version}c:    SSL protocol version
%...{cipher}c:     SSL cipher
%...{subjectdn}c:  Client certificate subject distinguished name
%...{issuerdn}c:   Client certificate issuer  distinguished name
%...{errcode}c:    X509 verify error code
%...{errstr}c:     X509 verify error string
Use these with the CustomLog directive to create a custom SSL logfile:
CustomLog logs/ssl_log "%t %{version}c %{cipher}c %{subjectdn}c %{issuerdn}c"   


Frequently Asked Questions


  1. What are the differences between mod_ssl and the original Apache-SSL?

    This cannot be answered in short, because there are a lot of changes (see the CHANGES file in the mod_ssl distribution for detailed information). Most of them are internal changes and re-organizations of the source code. But the user visible changes are mainly the following:

    • mod_ssl provides a complete documentation (this document) of all configuration directives, environment variables, etc. while Apache-SSL still has no such documentation although it exists for over three years now. Additionally mod_ssl provides answers to often occuring frequently asked questions (this list) in the Apache/SSL/SSLeay area. For instance mod_ssl gives detailed hints about how to setup a CA, how to create real a server certificate, etc. Because these are the typical hurdles every user stumbles over.

    • mod_ssl comes as clean and documented source code with the intent that only this way the user is able to re-view it for backdoors, security holes, etc. This is considered important for security-related software. It's absolutely incomprehensible to the author how Apache-SSL could exist for over three years while both the source code and the source patches were provided in an undocumented and partly unreadable format. For the mod_ssl package the source codes follows the Apache coding style, is logically ordered to follow the API phases and even the patches to the Apache source tree are annotated with descriptions to give the user a chance to re-view and understand them.

    • mod_ssl can be easily applied to the Apache source tree because it provides an automated process for this task while Apache-SSL forces the user to fiddle with the patch and cp tools theirself. Just because security is not for amateurs haven't mean that user friendliness is not important. So it's a must to assist the user in applying the SSL-stuff to vanilla Apache sources.

    • mod_ssl fixes a lot of bugs and inconsistencies in Apache-SSL. For Apache experts here are a few impressions: Apache-SSL wrote directly to stderr instead of the Apache error logfile; it messed up it's error messages with the SSLeay error messages, it directly patched the SERVER_BASEVERSION define instead of using the Apache 1.3 conforming ap_add_version_component function; it used the unsafe sprintf function instead of the robust ap_snprintf; it incorrectly spawned and killed the gcache auxiliary program and it totally failed to pass the ``gcc -Wall -Wshadow -Wpointer-arith -Wcast-align -Wmissing-prototypes -Wmissing-declarations -Wnested-externs -Winline'' test (while Apache passes it) because of unclean code.

      Additionally Apache-SSL it didn't provide a way to easily apply it to the Apache source tree (semi-manual editing and patching was required); it didn't seamlessly integrate into the new Apache 1.3 Autoconf-style Interface (APACI) under configuration time; it didn't automatically recognize the difference between an installed SSLeay and an out-of-the-source-only SSLeay; it didn't provide integration into the APACI installation process (make install); it used numbers 0 to 2 instead of reasonable names for the argument of SSLVerifyClient just because internally an enum was used and for the provided %{version}c construct of CustomLog it used the results "2", "3" under SSLeay 0.8 while under SSLeay 0.9 the results were "SSL2", "SSL3", etc. pp.

    For more details I really advice you to read the CHANGES file from the mod_ssl distribution.

  2. Ok, does this mean I should avoid using Apache-SSL any longer?

    No, it just means that you can use mod_ssl. Beside some little flaws Apache-SSL works great. Ben Laurie did and still does a great job in maintaining it. The big difference is just that Ben's goals are different from my goals. So, as long as you don't get bothered by inconsistencies and other flaws you don't have to upgrade. Instead you should decide yourself if you already feel comfortable or not. If yes, stay with Apache-SSL - if not, move to mod_ssl or (even better) one of the commercial SSL solutions for Apache. Or in other words: No solution is better than another in general. Which one you should use depends mainly on your personal requirements.

  3. On which Apache-SSL version is mod_ssl actually based?

    The mod_ssl package was initially created by porting the Apache-SSL 1.17 stuff from Apache 1.2.6 to Apache 1.3b6. Because of conflicts with Ben Laurie's development cycle it then was re-assembled from scratch for Apache 1.3.0 by merging the old mod_ssl with the newer Apache-SSL 1.18. From this point mod_ssl lived its own life and changes with Apache-SSL releases were merged after they were released. In other words: mod_ssl is based on the latest Apache-SSL and always will contain all useful changes which will occur with Apache-SSL in the future.

  4. Why is mod_ssl's version starting with 2.0.0?

    Because initially the mod_ssl project was intended as a contribution to the Apache-SSL project from Ben Laurie. The idea was that mod_ssl formed Apache-SSL 2.0.0. But after Ralf S. Engelschall and Ben Laurie couldn't find a reasonable compromise in merging mod_ssl with Apache-SSL, the stuff was released as a new package named `mod_ssl'. But to still indicate that it's some `second generation' stuff, the first mod_ssl version was named 2.0.0.

  5. How do I know which mod_ssl version is for which Apache version?

    That's trivial: mod_ssl uses version strings of the syntax <mod_ssl-version>-<apache-version>, for instance 2.0.15-1.3.3. This directly indicated that it's mod_ssl version 2.0.15 for Apache version 1.3.3. And this also means you only can apply this mod_ssl version to exactly this Apache version.

  6. I want to run HTTP and HTTPS on the same machine. Is that possible?

    There are two ways to do this: run two server daemons, or run both services from the same daemon. Unless there is a good reason to run two (like using a different product for secure/non-secure), it's usually simplest to run a single daemon and disable SSL on those virtual hosts that don't need it. If you wish to run two daemons you must make sure that they each only try to bind to their alloted ports (normally port 80 for non-secure and 443 for secure).

  7. I know that HTTP is on port 80, but where is HTTPS?

    You can run HTTPS on any port, but the standard specifies port 443, which is where any compliant browser will look by default. You can force your browser to look on a different port by specifying it in the URL like this (for port 666): https://secure.server.dom:666/

  8. How can I speak HTTPS manually for testing purposes?

    While you usually just use

    $ telnet localhost 80
    GET / HTTP/1.0

    for simple testing the HTTP protocol of Apache, it's not such easy for HTTPS because of the SSL protocol between TCP and HTTP. But with the help of SSLeay's s_client program you can do a similar check even for HTTPS:

    $ s_client -host localhost -port 443
    GET / HTTP/1.0

    Before the actual HTTP response you receive detailed information about the SSL handshake.

  9. What are RSA private keys, CSR's and Certificates?

    The RSA private key file is a digital file that you can use to decrypt messages sent to you. It has a public component which you distribute (via your Certificate file) which allows people to encrypt those messages to you. A Certificate Signing Request (CSR) is a digital file which contains your public key and your name. You send the CSR to a Certifying Authority (CA) to be converted into a real Certificate. A Certificate contains your RSA public key, your name, the name of the CA, and is digitally signed by your CA. Browsers that know the CA can verify the signature on that certificate, thereby obtaining your RSA public key. That enables them to send messages which only you can decrypt.

  10. Seems like there is a difference on startup between the original Apache and an SSL-aware Apache?

    Yes, in general, starting Apache with a built-in mod_ssl is just like starting an unencumbered Apache, except for the exception when you have a pass-phrase on your SSL private key file. Then a terminal dialog pops up at startup time.Because of the way the server As an alternative to this situation you can follow the steps below under ``How can I get rid of the pass-phrase dialog on Apache startup time?''.

  11. How can I create a dummy SSL server certificate for testing purposes?

    A certificate does not have to be signed by a public CA. You can use your private key to sign the certificate which contains your public key. You can install this certificate into your server, and people using Netscape Navigator (not MSIE) will be able to connect after clicking OK to a warning dialogue. You can get MSIE to work, and your customers can eliminate the dialogue, by installing that certificate manually into their browsers.

    Just use the ``make certificate'' command at the top-level directory of the Apache source tree right before installing Apache via ``make install''. This creates a self-signed SSL certificate which expires after 30 days and isn't encrypted (which means you don't need to enter a pass-phrase on Apache startup time).

    BUT REMEMBER: YOU REALLY HAVE TO CREATE A REAL CERTIFICATE FOR THE LONG RUN! HOW THIS IS DONE IS DESCRIBED IN THE NEXT ANSWER.

  12. Ok, I've got my server installed and not want to create a real SSL server certificate for it. How do I do it?

    Here is a step-by-step description:

    1. Make sure SSLeay is really installed and in your PATH. But some commands even work ok when you just run the ``ssleay'' program from within the SSLeay source tree as ``./apps/ssleay''.

    2. Create a RSA private key for your Apache server (will be Triple-DES encrypted and PEM formatted):

      $ ssleay genrsa -des3 -out server.key 1024

      Please backup this server.key file and remember the pass-phrase you had to enter at a secure location. You can see the details of this RSA private key via the command:

      $ ssleay rsa -noout -text -in server.key

      And you could create a decrypted PEM version (not recommended) of this RSA private key via:

      $ ssleay rsa -in server.key -out server.key.unsecure

    3. Create a Certificate Signing Request (CSR) for the server RSA private key (output will be PEM formatted):

      $ ssleay req -new -days 365 -key server.key -out server.csr

      You can see the details of this CSR via the command

      $ ssleay req -noout -text -in server.csr

    4. You now have to send this Certificate Signing Request (CSR) to a Certifying Authority (CA) for signing. The result is then a real Certificate which can be used for Apache. Here you have to options: First you can let the CSR sign by a commercial CA like Verisign or Thawte. Then you usually have to post the CSR into a web form, pay for the signing and await the signed certificate you then can store into a server.crt file. For more information about commercial CAs have a look at the following locations:

      Second you can use your own CA and now have to sign the CSR yourself by this CA. Read the next answer in this FAQ on how to sign a CSR with your CA yourself. You can see the details of the received certificate via the command:

      $ ssleay x509 -noout -text -in server.crt

    5. Now you have two files: server.key and server.crt. These now can be used as following inside your Apache's httpd.conf file:
             SSLCertificateFile    /path/to/this/server.crt
             SSLCertificateKeyFile /path/to/this/server.key
             
      The server.csr file is no longer needed.

  13. How can I create and use my own Certificate Authority (CA)?

    The short answer is to use the CA.sh script provided by SSLeay. The long and manual answer is this:

    1. Create a RSA private key for your CA (will be Triple-DES encrypted and PEM formatted):

      $ ssleay genrsa -des3 -out ca.key 1024

      Please backup this ca.key file and remember the pass-phrase you currently entered at a secure location. You can see the details of this RSA private key via the command

      $ ssleay rsa -noout -text -in ca.key

      And you can create a decrypted PEM version (not recommended) of this private key via:

      $ ssleay rsa -in ca.key -out ca.key.unsecure

    2. Create a self-signed CA Certificate (X509 structure) for the RSA key of the CA (output will be PEM formatted):

      $ ssleay req -new -x509 -days 365 -key ca.key -out ca.crt

      You can see the details of this certificate via the command:

      $ ssleay x509 -noout -text -in ca.crt

    3. Prepare a script for signing which is needed because the ``ssleay ca'' command has some strange requirements and the default SSLeay config doesn't allow one easily to use ``ssleay ca'' directly. So a script named ca.sign is distributed with the mod_ssl distribution. Use this script for signing.

    4. Now you can use this CA to sign CSR's in order to create real SSL Certificates for use inside an Apache webserver:

      $ ./ca.sign server.csr

      This signs the CSR and results in a server.crt file.

  14. How can I get rid of the pass-phrase dialog on Apache startup time?

    The reason why this dialog pops up at startup and every re-start is that the RSA private key inside your server.key file is stored in encrypted format for security reasons. The pass-phrase is needed to be able to read and parse this file. When you can be sure that your server is secure enough you perform two steps:

    1. Remove the encryption from the RSA private key (while preserving the original file):

      $ cp server.key server.key.org
      $ ssleay rsa -in server.key.org -out server.key

    2. Make sure the server.key file is now only readable by root:

      $ chmod 400 server.key

    Now server.key will contain an unencrypted copy of the key. If you point your server at this file it will not prompt you for a pass-phrase. HOWEVER, if anyone gets this key they will be able to impersonate you on the net. PLEASE make sure that the permissions on that file are really such that only root or the web server user can read it (preferably get your web server to start as root but run as another server, and have the key readable only by root).

  15. How do I verify that a private key matches its certificate?

    The private key contains a series of numbers. Two of those numbers form the "public key", the others are part of your "private key". The "public key" bits are also embedded in your certificate (we get them from your CSR). To check that the public key in your cert matches the public portion of your private key, you need to view the cert and the key and compare the numbers. To view the certificate and the key run the commands:

    $ ssleay x509 -noout -text -in server.crt
    $ ssleay rsa -noout -text -in server.key

    The `modulus' and the `public exponent' portions in the key and the certificate must match.

  16. Why does my 2048-bit private key not work?

    The private key sizes must be either 512 or 1024 for compatibility with certain web browsers. A keysize of 1024 bits is recommended because keys larger than 1024 bits are incompatible with some versions of Netscape Navigator and Microsoft Internet Explorer, and with other browsers that use RSA's BSAFE cryptography toolkit.

  17. Why is client authentication broken after upgrading from SSLeay version 0.8 to 0.9?

    The CA certificates under the path you configured with SSLCACertificatePath are found by SSLeay through hash symlinks. These hash values are generated by the `ssleay x509 -noout -hash' command. But the algorithm used to calculate the hash for a certificate has changed between SSLeay 0.8 and 0.9. So you have to remove all old hash symlinks and re-create new ones after upgrading. Use the Makefile mod_ssl placed into this directory.

  18. Why does my browser hang when I connect to my SSL-aware Apache server?

    Because you used an URL of the form ``http://'' instead of ``https:''. Really! Also, if you see: ``SSL_Accept failed error:140760EB:SSL routines: SSL23_GET_CLIENT_HELLO:unknown protocol'' in your Apache error logfile, it's for the same reason.

  19. How can I use relative hyperlinks to switch between HTTP and HTTPS?

    Usually you have to use fully-qualified hyperlinks because you have to change the URL scheme. But with the help of some URL manipulations through mod_rewrite you can achieve the same effect while you still can use relative URLs:

        RewriteEngine on
        RewriteRule   ^/(.*):SSL$   https://%{SERVER_NAME}/$1 [R,L]
        RewriteRule   ^/(.*):NOSSL$ http://%{SERVER_NAME}/$1  [R,L]
        
    This rewrite ruleset lets you use hyperlinks of the form
        <a href="document.html:SSL">
        

  20. Why has my webserver a higher load now that I run SSL there?

    Because SSL uses strong cryptographic encryption and this needs a lot of number crunching. And because when you request a webpage via HTTPS even the images are transfered encrypted. There is dramatically more to do on the webserver, so the load increases.

  21. What SSL Ciphers are supported by mod_ssl?

    Usually just all SSL chipers which are supported by the used version of SSLeay (can depend on the way you built SSLeay). Typically this at least includes the following:

    • RC4 with MD5
    • RC4 with MD5 (export version restricted to 40-bit key)
    • RC2 with MD5
    • RC2 with MD5 (export version restricted to 40-bit key)
    • IDEA with MD5
    • DES with MD5
    • Triple-DES with MD5

    To determine the actual list of supported ciphers you can run the following command:

    $ ssleay ciphers -v

  22. Why cannot I use SSL with name-based/non-IP-based virtual hosts?

    The reason is very technically. Actually it's some sort of a chicken and egg problem: The SSL protocol layer stays below the HTTP protocol layer and encapsulates HTTP. When an SSL connection (HTTPS) is established Apache/mod_ssl has to negotiate the SSL protocol parameters with the client. For this mod_ssl has to consult the configuration of the virtual server (for instance it has to look for the cipher suite, the server certificate, etc.). But in order to dispatch to the correct virtual server Apache has to know the Host HTTP header field. For this the HTTP request header has to be read. This cannot be done before the SSL handshake is finished. But the information is already needed at the SSL handshake phase. Bingo!