On Wed, 31 Aug 2005, Boyle Owen wrote: > > -----Original Message----- > > From: John P. Dodge [mailto:dodge@xxxxxxxxxxxxxxxxxxxxxx] > > Sent: Mittwoch, 31. August 2005 15:52 > > To: users@xxxxxxxxxxxxxxxx > > Subject: RE: [users@httpd] Compilinf mods_ssl Shared/static > > > > > > On Wed, 31 Aug 2005, Boyle Owen wrote: > > > > > > > > > > Is there a consensus on compiling mod_ssl as shared or static? > > > > > > It depends on your application which is the more > > appropriate. The two possibilities are not provided just to > > add a bit of spice to life, they're there because in some > > situations it makes more sense to compile-in a module > > statically while in others it's better to load it at runtime. > > > > > > Think about what each entails and the pros and cons of each > > approach and then consider your case and decide which is more > > appropriate. > > > > > > Rgds, > > > Owen Boyle > > > Disclaimer: Any disclaimer attached to this message may be ignored. > > > > > Thanks Owen, > > > > The reason I am asking is that I have always compiled mod_ssl > > static and I > > am now getting feedback from a customer who indicates that > > the problems he > > is having related to SSLVerifyClient renegotiation are due to > > mod_ssl not > > being compiled static. He has a static compiled mod_ssl and > > indicates that > > this operation works fine but in the shared mod_ssl is does not. > > There should be no functional difference between a compiled-in and shared object. If there appears to be a difference, it might be related to different environments when the two versions were compiled. > > The point I was making was that it was more to do with your application. For example, if you run several instances of apache on several servers, and if some are with SSL and others not, it would make sense to load the module only when needed. However, if you were embedding apache in a server which is difficult to access, you might compile in so you have only a single binary to worry about. > > My gut feeling is that a static compile is a bit more robust since once it's working it will tend to stay working until you mess with it. > > Rgds, > Owen Boyle > Disclaimer: Any disclaimer attached to this message may be ignored. Thanks Owen, I meant to say that I have always compiled mod_ssl "shared". Thanks for your help. ---------------------------------------- "Mon aéroglisseur est plein d'anguilles" John P. Dodge Boeing Shared Services --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx