the apache-ssl locker
The apache-ssl "locker" contains the sources, documentation, examples,
and binary distribution for the apache-ssl webserver. This material is
provided "as is", with no support other than what is in the locker.
This is intended for experienced Unix system administrators at MIT.
Others outside the
MIT community are welcome to take it and try it, but we provide no support
other than what is found in the locker.
- The current version of the apache-ssl distribution is
rev11 based on apache1.3.26, available as of August 12th 2002 and the openssl
version 0.9.6e - which has a fix for the security alert of July 29th 2002.
- The previous version of our apache-ssl distribution is
still available for reference purposes.
- August 3, 2004: The existing version of mitCAclient.pem will expire on August 13, 2004.
If you are running a secure web server that uses MIT certificates,
please pick up a new one
(requires a personal MIT certificate) and install it on your web
- January 7, 2004: We are soliciting information to help us decide what
features and functionality to include in the next release of the MIT apache-ssl
distribution. Please see the
questionnaire that was sent to the 'apache-ssl-users'
- August 14, 2003: the mitCAclient.pem will expire on August 23, 2003.
If you are running a secure webserver that uses MIT certificates, please
pick up a new one
(requires a personal MIT certificate) and install it on your webserver,
replacing the old one (/var/ssl/certs/mitCAclient.pem).
- August 19, 2002:Note for maintainers of web servers:
As you probably realize, web servers can be quite complicated to build, test and maintain. In order
to provide a reliable, simple-to-install, general-purpose apache-ssl-based webserver for use by
experienced Unix system administrators at MIT, we make the following assumptions about the system
onto which our apache-ssl webserver will go:
- The operating system is Solaris. We do not build or test against any other operating system.
- The operating system is not more than six months behind the current release of Solaris.
This means that if you want to be able to rely on the apache-ssl distribution for new
versions of the webserver, you must keep the operating system on your system up to date.
In other words, if your system is running an old version of the operating system, the apache-ssl
webserver most likely will not run properly, if at all. In other, other words, the apache-ssl
webserver is tied to the current version of Solaris. We build and test only against the current
version of the operating system.
- If you are going to update an existing apache-ssl webserver, you will be updating from
the previous apache-ssl version. That is, an update from apache-ssl(rev 10) to apache-ssl(rev 11)
will succeed; but most likely an update from apache-ssl(rev 9) or earlier to apache-ssl(rev 11) will
fail miserably. We build and test updating only from the previous apache-ssl release.
- We cannot build or test against older versions of Solaris, other operating systems, or updating from
arbitrary versions of the apache-ssl release. For these, you are on your own.
- July 30,2002: Due to today's security alert in the SSL, we issued new
SSL libraries, SSL binaries and http (httpsd) binaries
- For Solaris 8 (sun4u ( not sun4m) architecture):
- For Solaris 2.6 :
- For AIX 4.3.3 :
$Date: 2004/08/03 19:06:00 $