Re: Is it possible to not force SSL on port:443?

Also, here is my ssl.conf:
---------------------------------
LoadModule ssl_module modules/mod_ssl.so

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl

SSLPassPhraseDialog builtin

SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout 300

SSLMutex default

SSLCryptoDevice builtin

SSLProtocol +All
SSLCipherSuite HIGH:MEDIUM:+SHA1:+NULL:+aNULL:+eNULL

SSLRandomSeed startup file:/dev/urandom 1024
SSLRandomSeed connect file:/dev/urandom 1024

SSLProxyEngine off
-----------------------------------

Then I setup my vhost like:

<VirtualHost myIP:443>
DocumentRoot /var/www/websitename/
ServerName websitename
ErrorLog /var/log/httpd/websitename-ssl-error.log
CustomLog /var/log/httpd/websitename-ssl-access.log common
sslengine on
sslcertificatefile /etc/httpd/ssl/websitename/websitename.crt
sslcertificatekeyfile /etc/httpd/ssl/websitename/websitename.key
</VirtualHost>

Right now I am using sslengine off and doing none encryption over 443, but I
really need to make encryption optional on the same port.

Any ideas?


----- Original Message -----
From: "Cliff Woolley" <jwoolley@apache.org>
To: <modssl-users@modssl.org>
Sent: Friday, October 14, 2005 7:36 AM
Subject: Re: Is it possible to not force SSL on port:443?


On 10/14/05, Pigeon <fredit@charter.net> wrote:[color=blue]
> I am helping someone develop a product, and for the next little bit he
> will
> need to access port 443 with out the communication being encrypted (aka he
> could telnet to it if he wanted).
>
> But in the very near future, he will want to make 443 encrypted..
>
> Is it possible to not force encryption on port443?[/color]

Sure... you just tell Apache to listen on that port and don't turn the
SSLEngine on. :)

Or are you asking how to make it *optional*? You can do that too --
as long as "SSLRequireSSL" isn't set, it should work.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) [url]www.modssl.org[/url]
User Support Mailing List [email]modssl-users@modssl.org[/email]
Automated List Manager [email]majordomo@modssl.org[/email]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) [url]www.modssl.org[/url]
User Support Mailing List [email]modssl-users@modssl.org[/email]
Automated List Manager [email]majordomo@modssl.org[/email]