Apache 1.3 + mod_ssl 2.2 ``mod_ssl combines the flexibility of ======================== Apache with the security of OpenSSL.'' This is Apache version 1.3 plus mod_ssl which provides strong cryptography via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols by the help of the SSL/TLS implementation toolkit OpenSSL which is based on SSLeay from Eric A. Young and Tim J. Hudson. The mod_ssl package was created in April 1998 by Ralf S. Engelschall and was originally derived from software developed by Ben Laurie for use in the Apache-SSL HTTP server project. As a summary, here are its main SSL/TLS-related features: o Open-Source software (BSD-style license) o Useable for both commercial and non-commercial use o Available for both Unix and Win32 platforms o 128-bit strong cryptography world-wide o Support for SSLv2, SSLv3 and TLSv1 protocols o Clean reviewable ANSI C source code o Clean Apache module architecture o Integrates seamlessly into Apache through an Extended API (EAPI) o Full Dynamic Shared Object (DSO) support o Support for the OpenSSL+RSAref US-situation o Advanced pass-phrase handling for private keys o X.509 certificate based authentication for both client and server o Support for per-URL renegotiation of SSL handshake parameters o Support for explicit seeding of the PRNG from external sources o Additional boolean-expression based access control facility o Backward compatibility to other Apache SSL solutions o Inter-process SSL session cache o Powerful dedicated SSL engine logging facility o Simple and robust application to Apache source trees o Fully integrated into the Apache 1.3 configuration mechanism o Additional integration into the Apache Autoconf-style Interface (APACI) o Assistance in X.509 v3 certificate generation All documentation can be found on-line on the Web: o Apache: http://www.apache.org/ o mod_ssl: http://www.engelschall.com/sw/mod_ssl/ o OpenSSL: http://www.openssl.org/