Good Morning PHP-Windows Listers,
The Problem: I'm trying to setup SSL on my Win2K, Apache(1.3.29), PHP(4.3.6 with OpenSSL 0.9.7c enabled) system. My version of Apache does not have mod_ssl installed, though I have downloaded but not installed version 1.3.31 that does include OpenSSL 0.9.7d.
The Question: Were I to install Apache 1.3.31, would the difference in OpenSSL releases -- c. vs. d. -- cause problems ( I'm guessing _yes_ ). And if it would, does anyone know where I might find a binary of mod_ssl that includes OpenSSL 0.9.7c ? ( I have been reading through the information at www.modssl.org but have not found a binary version of mod_ssl with OpenSSL 0.9.7c ).
Also, I will cheerfully accept any and all advice or insight about setting up SSL. It is turning out to be more daunting than I imagined.
Please CC me if responding as I only get the digest of this list.
Much Thanks,
dave
Hi Dave,
Let me start with acknowledging that I'm far from an expert in the daunting world of SSL. But the good news is that it didn't stop me from putting together a working Apache 1.3.31 / mod_ssl 2.8.18 / OpenSSL-0.9.7d / PHP 4.3.7 (as a module) on win32, thx to much appreciated efforts of the PHP community at large (see links below).
If you're only looking for general ssl functionality, so that your PHP-driven website(s) are available under both HTTP and HTTPS url's, then you don't really need the php_openssl.dll at all. Apache's mod_ssl will take care of this. Personally I don't do key generation and certificate signing, so I cannot give an informed answer to the 'will differences cause problems' part of your question. However, the PHP Manual states you are strongly encouraged to use the most recent OpenSSL version, otherwise your web server could be vulnerable to attack. General rule of thumb actually ... You can always obtain the latest stable Apache / mod_ssl-openssl binaries (both 1.3.x and 2.0.x) at
http://hunter.campbus.com/ (they work fine for me).
Now if you would want to use PHP to:
(1) read remote file using HTTPS via file_get_contents() (2) read remote file using FTPS via file_get_contents() (3) making a POST request to an https server via fsockopen()
the plot thickens. Theses things require your PHP setup has https/ftps streams available. To my knowledge the official PHP windows binaries don't have this by default. You can easily check by running a phpinfo() script, the available streams are reported there. But luckily you can achieve this by downloading an openssl-aware phpts.dll (has to be similar to your PHP version) and use this instead of the one you obtained in the official release. I have been using the ones found at http://ftp.emini.dk/pub/php/win32/openssl/ for PHP 4.3.4 and 4.3.7 without a hitch. The PHP Manual contains example code for all 3 functionalities at http://www.php.net/manual/en/ref.stream.php
Good luck,
speedfreak
-- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
