Two major versions of Apache are in current use
Apache version 1 is still supported and widely used but no longer being developed. Version 1 has never supported TLS directly, relying for this on one of two add-on packages: Apache-SSL (http://www.apache-ssl.org/) or mod_ssl (http://www.modssl.org/).
Version 2 of Apache was released for general use in April 2002 and this includes support for TLS (based on mod_ssl from version 1) as part of its core functionality.
Apache version 1 with mod_ssl and Apache version 2 are both roughly equivalent in function as far as TLS is concerned, this course happens to use Apache version 2.2. Configuration directives used by Apache-SSL are similar but different in detail.
Red Hat Linux, Fedora and SuSE Linux include copies of Apache with TLS support. Versions of Red Hat Linux prior to version 8 include Apache 1 and mod_ssl, later versions of Red Hat Linux include Apache 2, as does Fedora. SuSE Linux provides both Apache 1 with mod_ssl and Apache 2 in version 9 and Apache 2 only in subsequent versions. Other Linux and Unix systems may be similar. It is also possible to build Apache 1 with mod_ssl, or Apache 2, from source, see http://www.modssl.org/docs/2.8/ssl_overview.html or http://httpd.apache.org/docs-2.0/install.html for details of requirements and procedures.
Apache for Windows can be built from source, but requires the commercial Microsoft Visual C++ compiler, version 5.0 or above. The Apache foundation make pre-built versions of Apache for Windows available, but at the moment these do not include TLS support. Binary copies of Apache for Windows including TLS support can sometimes be found with a web search - at present copies appear to be being maintained at http://hunter.campbus.com/ and http://www.apachelounge.com/download/
The examples that follow were taken from a Linux machine ruining SuSE Linux Enterprise Edition 10. Other Unix installations may differ slightly, for example in the paths used, but should be substantially the same. A Windows Apache installation will also be very similar, with obvious changes to pathnames and file locations. SLES includes SSL and TLS support for Apache inside the main apache2 package. In other Linux distributions the necessary support is sometimes in a seperate package, oftern called mos_ssl.
We need to build a configuration file that will instruct Apache to offer a HTTPS services. We start with a simple configuration that is just sufficient to provide a basic service over standard HTTP.
User wwwrun Group www # Load the modules needed for this file LoadModule mime_module /usr/lib/apache2/mod_mime.so LoadModule dir_module /usr/lib/apache2/mod_dir.so LoadModule setenvif_module /usr/lib/apache2/mod_setenvif.so LoadModule log_config_module /usr/lib/apache2/mod_log_config.so Options None # Set up MIME content type recognition TypesConfig /etc/mime.types # Enable default documents for directory queries DirectoryIndex index.html # Setup Logging LogFormat "%h %l %u %t \"%r\" %>s %b" clf # Listen on port 80 (default http) Listen 80 <VirtualHost *:80> ServerName www.dept.cam.ac.uk DocumentRoot /srv/www/WWW CustomLog /var/log/apache2/www.log clf </VirtualHost>
If we copy this configuration into place and restart Apache we should be able to access the site.