This chapter provides basic information on how to install the
Apache World Wide Web (WWW or Web) server
with the mod_ssl security module and the OpenSSL library and
toolkit. The combination of these three components, provided with Red Hat Linux,
will be referred to in this manual as the secure Web server or just as the secure
server.
Simply stated, Web servers provide Web pages in response to requests
from browsers. Well-known browsers include Netscape
Navigator and Microsoft Internet
Explorer. In more technical terms, Web servers and
browsers communicate using the HyperText Transfer Protocol (HTTP), the
Internet standard for Web communications. When users click on a link on
a Web page, an HTTP request is sent to a Web server for the content
named by the link. The Web server receives the request and provides the
content that was asked for, such as a HyperText Markup Language (HTML)
page, a CGI script, or a Web page dynamically generated from a
database. If a Web server cannot fulfill the request, it sends back an
error message. Apache, the Web server provided in Red Hat Linux, is the most
widely used Web server on the Internet today (see http://www.netcraft.net/survey).
The Apache Web server is modular in design; it consists of many separate
pieces of code which apply to different aspects or functionalities of
the Web server. This modularity was intentional, so that any developer
can write their own small piece of code to address a particular need.
Their code, called a module, can then be integrated into the Apache Web
server with relative ease.
The mod_ssl module is a security module for the Apache Web server. The
mod_ssl module uses the tools provided by the OpenSSL Project to add a
very important feature to Apache — the ability to encrypt
communications. In contrast, using regular HTTP, communications between
a browser and a Web server are sent in plaintext, which could be
intercepted and read by someone along the route between the browser and
the server.
The OpenSSL Project includes a toolkit which implements the Secure
Sockets Layer (SSL) and Transport Layer Security (TLS) protocols and a
general purpose cryptography library. The SSL protocol is used for
secure data transmission over the Internet today. The TLS protocol is a
proposed Internet standard for private and reliable communications over
the Internet. OpenSSL tools are used by the mod_ssl module to provide
security for Web communications.
This chapter is not meant to be complete and exclusive documentation for
any of these programs. When possible, this guide will point you to
appropriate places where you can find more in-depth documentation on
particular subjects.
This chapter will show you how to install these programs. You will also
learn the steps necessary to generate a private key and a certificate
request, how to generate your own self-signed certificate, and how to
install a certificate to use with your secure Web server.
