Newsflash |  State |  Announce |  Internet 
Source Code


Announcement: mod_ssl version 2.8 released

 mod_ssl version 2.8              ``mod_ssl combines the flexibility of   
 ===================                Apache with the security of OpenSSL.''
 The Apache Interface to OpenSSL  ``The best SSL solution for             Apache money can't buy.''         
 This Apache module provides strong cryptography for the Apache 1.3
 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer
 Security (TLS v1) protocols by the help of the Open Source SSL/TLS
 toolkit OpenSSL, which is based on SSLeay from Eric A. Young and Tim
 J. Hudson. The mod_ssl package was created in April 1998 by Ralf S.
 Engelschall and was originally derived from software developed by Ben
 Laurie for use in the Apache-SSL HTTP server project.

 As a summary, here are its main features:

   o  Supports Apache 1.3.20
   o  Open-Source software (BSD-style license)
   o  Useable for both commercial and non-commercial use
   o  Available for both Unix and Win32 (Windows 95/98/NT) platforms 
   o  128-bit strong cryptography world-wide
   o  Support for SSLv2, SSLv3 and TLSv1 protocols
   o  Support for both RSA and Diffie-Hellman ciphers
   o  Clean reviewable ANSI C source code 
   o  Clean Apache module architecture
   o  Integrates seamlessly into Apache through an Extended API (EAPI)
   o  Full Dynamic Shared Object (DSO) support
   o  Advanced pass-phrase handling for private keys
   o  X.509 certificate based authentication for both client and server
   o  X.509 certificate revocation list (CRL) support
   o  Support for per-URL renegotiation of SSL handshake parameters
   o  Support for explicit seeding of the PRNG from external sources
   o  Support for HTTPS proxy via EAPI hooks in mod_proxy
   o  Additional boolean-expression based access control facility
   o  Backward compatibility to other Apache SSL solutions
   o  Inter-process SSL session cache (DBM or Shared Memory based)
   o  Powerful dedicated SSL engine logging facility
   o  Simple and robust application to Apache source trees
   o  Fully integrated into the Apache 1.3 configuration mechanism
   o  Additional integration into the Apache Autoconf-style Interface (APACI)
   o  Assistance in X.509v3 certificate generation (both RSA and DSA)
   o  Experimental support for external Crypto Devices (OpenSSL ENGINE)

 mod_ssl version 2.8 is considered to be the best version of mod_ssl
 available and users of older versions are encouraged to upgrade as soon
 as possible. mod_ssl is available for download via HTTP and FTP from
 the following master locations (the various FTP mirrors you can find


                                       Ralf S. Engelschall