Thank you Daniel for your help.I believe a bad part (or an important feature that does not exist) of mod_ssl is the lack of ability to pass any argument or parameter to the crypto device that you want to use. Do you know anything about passing a parameter (command in openssl engine terminology)? Otherwise, I may need to hardcode the parameters into the custom openssl engine, which isn't very nice though.
Erman On 6/11/2013 11:06 AM, Daniel Ruggeri wrote:
On 6/10/2013 4:56 PM, coolcuzu wrote:Hi, My question may seem rather complex, but I believe someone can answer it. 1 - I've implemented a custom OpenSsl Engine, which works perfectly fine in OpenSsl. 2 - I want to create a sample web site that uses https with Apache. After my search, I saw that Apache uses mod_ssl to support https. Mod_ssl is based on openssl. That's where my question comes in: When mod_ssl uses openssl in the backend, I want it to use my custom Openssl Engine implementation. Is it possible? I hope that i'm clear. Thanks, ErmanHi, Erman; Yes, you can in 2.0. In order to use an engine, though, you must compile httpd with -DSSL_EXPERIMENTAL_ENGINE. This will enable the SSLCryptoDevice directive which will be set to the name of your engine. This compile flag was dropped in 2.2 which made SSLCryptoDevice part of a 'normal' build. -- Daniel Ruggeri --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|