ApacheへのSSLの組み込み
ApacheでSSL(Secure Sockets Layer)を使う
http://www.atmarkit.co.jp/flinux/rensai/apache04/apache04a.html
http://www.atmarkit.co.jp/flinux/rensai/apache12/apache12a.html
SSLを使うことで、通信経路を暗号化して盗聴や改竄を防ぐことができる。
mod_ssl+OpenSSLのインストール
必要なパッケージ
Port: apache+mod_ssl-1.3.41+2.8.31 Path: /usr/ports/www/apache13-modssl Info: The Apache 1.3 webserver with SSL/TLS functionality Maint: dinoex@FreeBSD.org B-deps: expat-2.0.1 mm-1.4.2 perl-5.8.9_3 R-deps: expat-2.0.1 mm-1.4.2 WWW: http://www.apache.org/ Port: openssl-0.9.8k_2 Path: /usr/ports/security/openssl Info: SSL and crypto library Maint: dinoex@FreeBSD.org B-deps: makedepend-1.0.1,1 perl-5.8.9_3 pkg-config-0.23_1 xproto-7.0.15 R-deps: WWW: http://www.openssl.org/
apache+mod_sslがインストール済みのapacheとconflictを起こしてインストールできない。
apacheを削除する。php5はapacheに依存しているためphp5も一旦削除する。
# pkg_delete php5-5.2.10 # pkg_delete apache-1.3.41_1 # pw userdel www # pkg_add -rv apache+mod_ssl
入った。
入ったファイルを調べてみる。
# pkg_info -L apache+mod_ssl-1.3.41+2.8.31 | less Information for apache+mod_ssl-1.3.41+2.8.31: /usr/local/etc/apache/ssl.crl/Makefile /usr/local/etc/apache/ssl.crl/README.CRL /usr/local/etc/apache/ssl.crt/Makefile /usr/local/etc/apache/ssl.crt/README.CRT /usr/local/etc/apache/ssl.crt/ca-bundle.crt /usr/local/etc/apache/ssl.crt/server.crt /usr/local/etc/apache/ssl.crt/snakeoil-ca-dsa.crt /usr/local/etc/apache/ssl.crt/snakeoil-ca-rsa.crt /usr/local/etc/apache/ssl.crt/snakeoil-dsa.crt /usr/local/etc/apache/ssl.crt/snakeoil-rsa.crt /usr/local/etc/apache/ssl.csr/README.CSR /usr/local/etc/apache/ssl.csr/server.csr /usr/local/etc/apache/ssl.key/README.KEY /usr/local/etc/apache/ssl.key/server.key /usr/local/etc/apache/ssl.key/snakeoil-ca-dsa.key /usr/local/etc/apache/ssl.key/snakeoil-ca-rsa.key /usr/local/etc/apache/ssl.key/snakeoil-dsa.key /usr/local/etc/apache/ssl.key/snakeoil-rsa.key /usr/local/etc/apache/ssl.prm/README.PRM /usr/local/etc/apache/ssl.prm/snakeoil-ca-dsa.prm /usr/local/etc/apache/ssl.prm/snakeoil-dsa.prm /usr/local/libexec/apache/libssl.so /usr/local/share/doc/apache/images/mod_ssl_sb.gif /usr/local/share/doc/apache/images/openssl_ics.gif /usr/local/share/doc/apache/mod/mod_ssl/index.html /usr/local/share/doc/apache/mod/mod_ssl/ssl_compat.gfont000.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_compat.html /usr/local/share/doc/apache/mod/mod_ssl/ssl_compat.wml /usr/local/share/doc/apache/mod/mod_ssl/ssl_cover.wml /usr/local/share/doc/apache/mod/mod_ssl/ssl_cover_logo.jpg /usr/local/share/doc/apache/mod/mod_ssl/ssl_cover_title.jpg /usr/local/share/doc/apache/mod/mod_ssl/ssl_faq.gfont000.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_faq.html /usr/local/share/doc/apache/mod/mod_ssl/ssl_faq.wml /usr/local/share/doc/apache/mod/mod_ssl/ssl_glossary.html /usr/local/share/doc/apache/mod/mod_ssl/ssl_glossary.wml /usr/local/share/doc/apache/mod/mod_ssl/ssl_howto.gfont000.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_howto.html /usr/local/share/doc/apache/mod/mod_ssl/ssl_howto.wml /usr/local/share/doc/apache/mod/mod_ssl/ssl_intro.gfont000.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_intro.html /usr/local/share/doc/apache/mod/mod_ssl/ssl_intro.wml /usr/local/share/doc/apache/mod/mod_ssl/ssl_intro_fig1.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_intro_fig2.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_intro_fig3.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_overview.gfont000.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_overview.html /usr/local/share/doc/apache/mod/mod_ssl/ssl_overview.wml /usr/local/share/doc/apache/mod/mod_ssl/ssl_overview_fig1.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_reference.gfont000.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_reference.html /usr/local/share/doc/apache/mod/mod_ssl/ssl_reference.wml /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.head-chapter.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.head-num-1.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.head-num-2.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.head-num-3.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.head-num-4.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.head-num-5.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.head-num-6.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.head-num-7.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.imgdot-1x1-000000.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.imgdot-1x1-transp.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.inc /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.navbut-next-n.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.navbut-next-s.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.navbut-prev-n.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.navbut-prev-s.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.title-abstract.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.title-compat.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.title-faq.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.title-gloss.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.title-howto.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.title-intro.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.title-over.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.title-preface.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.title-ref.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.title-toc.gif /usr/local/share/doc/apache/mod/mod_ssl/ssl_template.title-tutor.gif
/usr/local/libexec/apache/libssl.so
というライブラリが入っている。これがmod_sslの実体か。
SSL設定次回に続く。