This chapter provides basic information on how to install the Apache World Wide Web (WWW or Web) server with the mod_ssl security module and the OpenSSL library and toolkit. The combination of these three components, provided with Red Hat Linux, will be referred to in this manual as the secure Web server or just as the secure server.
Simply stated, Web servers provide Web pages in response to requests from browsers. Well-known browsers include Netscape Navigator and Microsoft Internet Explorer. In more technical terms, Web servers and browsers communicate using the HyperText Transfer Protocol (HTTP), the Internet standard for Web communications. When users click on a link on a Web page, an HTTP request is sent to a Web server for the content named by the link. The Web server receives the request and provides the content that was asked for, such as a HyperText Markup Language (HTML) page, a CGI script, or a Web page dynamically generated from a database. If a Web server cannot fulfill the request, it sends back an error message. Apache, the Web server provided in Red Hat Linux, is the most widely used Web server on the Internet today (see http://www.netcraft.net/survey).
The Apache Web server is modular in design; it consists of many separate pieces of code which apply to different aspects or functionalities of the Web server. This modularity was intentional, so that any developer can write their own small piece of code to address a particular need. Their code, called a module, can then be integrated into the Apache Web server with relative ease.
The mod_ssl module is a security module for the Apache Web server. The mod_ssl module uses the tools provided by the OpenSSL Project to add a very important feature to Apache — the ability to encrypt communications. In contrast, using regular HTTP, communications between a browser and a Web server are sent in plaintext, which could be intercepted and read by someone along the route between the browser and the server.
The OpenSSL Project includes a toolkit which implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols and a general purpose cryptography library. The SSL protocol is used for secure data transmission over the Internet today. The TLS protocol is a proposed Internet standard for private and reliable communications over the Internet. OpenSSL tools are used by the mod_ssl module to provide security for Web communications.
This chapter is not meant to be complete and exclusive documentation for any of these programs. When possible, this guide will point you to appropriate places where you can find more in-depth documentation on particular subjects.
This chapter will show you how to install these programs. You will also learn the steps necessary to generate a private key and a certificate request, how to generate your own self-signed certificate, and how to install a certificate to use with your secure Web server.