Use mod_ssl to configure Apache keys and certificates
If you've got an Apache server running and you're going to deploy Web applications that require high-level security such as financial transactions or private messaging, you will want to encrypt most of the traffic and establish key-driven authentication in both directions. At first glance, this job is tough enough (and sufficiently unfamiliar) that you're thinking of outsourcing it.
But you have some formidable resources at your disposal. With Apache's mod_ssl module, you have considerable power over your encryption/authentication implementation. Secure Sockets Layer (SSL), in its open protocol form (Transport Layer Security, or TLS), has what you need and, with mod_ssl, you can make it conform to your particular needs.
By Scott Robinson at Builder.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.