Apache-SSL is a secure web server based on Apache and SSLeay/OpenSSL. It is licensed under a BSD-style license, which means that you are free to use it for commercial or non-commercial purposes as long as you retain the copyright notices.

Apache-SSL provides similar functionality to mod_ssl. mod_ssl is what is known as a split—i.e., it was originally derived from Apache-SSL but has been extensively redeveloped so the code now bears little relation to the original. We cannot advise you to use one over another—both work fine with mod_perl, so choose whichever you want. People argue about which one to use all the time, so if you are interested in the finer points, you may want to check the mailing list archives of the two projects (http://www.apache-ssl.org/#Mailing_List and http://www.modssl.org/support/).

To install mod_perl with Apache-SSL:

  1. Download the sources. You'll need to have matching Apache-SSL and Apache versions.

    Apache:     http://www.apache.org/dist/httpd/
mod_perl:   http://perl.apache.org/download/
openssl:    http://www.openssl.org/source/
Apache-SSL: http://www.apache-ssl.org/#Download

  2. Unpack the sources:

    panic% tar xvzf mod_perl-1.xx
panic% tar xvzf apache_1.3.xx.tar.gz
panic% tar xvzf openssl-x.x.x.tar.gz

  3. Configure and install openssl, if necessary:

    panic% cd openssl-x.x.x
panic% ./config
panic% make && make test
panic# make install

    If you already have the openssl development environment installed, you can skip this stage.

  4. Apache-SSL comes as a patch to Apache sources. First unpack the Apache-SSL sources inside the Apache source tree and make sure that the Apache source is clean (in case you've used this source to build Apache before). Then run ./FixPatch and answer y to proceed with the patching of Apache sources:

    panic% cd apache_1.3.xx
panic% make clean
panic% tar xzvf ../apache_1.3.xx+ssl_x.xx.tar.gz
panic% ./FixPatch
Do you want me to apply the fixed-up Apache-SSL patch for you? [n] y

  5. Proceed with mod_perl configuration. The notable addition to the usual configuration parameters is that we use the SSL_BASE parameter to point to the directory in which openssl is installed:

    panic% cd ../mod_perl-1.xx
panic% perl Makefile.PL USE_APACI=1 EVERYTHING=1 \
    DO_HTTPD=1 SSL_BASE=/usr/local/ssl \
    APACHE_SRC=../apache_1.3.xx/src

  6. Build, test, and install mod_perl:

    panic% make && make test
panic# make install

  7. Create an SSL certificate and install Apache and the certificate files:

    panic# cd ../apache_1.3.xx
panic# make certificate
panic# make install

  8. Now proceed with the configuration of the Apache-SSL and mod_perl parts of the server configuration files before starting the server. Refer to the Apache-SSL documentation to learn how to configure the SSL section of httpd.conf.

Now start the server:

panic# /usr/local/apache/bin/httpsdctl start

Note that by default, Apache-SSL uses httpsdctl instead of apachectl.

You should see something like this in /usr/local/apache/logs/httpsd_error_log:

[Sat May 18 14:14:12 2002] [notice]
Apache/1.3.24 (Unix) mod_perl/1.26 Ben-SSL/1.48 (Unix)
configured -- resuming normal operations