Article ID: 3184, created on Nov 30, 2007, last review on Apr 29, 2014

  • Applies to:
  • H-Sphere

Resolution

 

SSL Implementation

This document covers SSL implementation on H-Sphere Unix Web servers.

SSL is implemented by the mod_ssl Apache utility and uses OpenSSL package installed on the box. Before H-Sphere 2.5, OpenSSL is installed by the hsphere-openssl package. H-Sphere 2.5 and up uses native OpenSSL packages installed with operating systems.

SSL modes:

Dedicated SSL

In dedicated SSL mode, a single SSL certificate is issued for a dedicated IP.

For dedicated IPs, SSL keys are located in the user home directory:

/hsphere/local/home/{user_name}/ssl.conf/{domain_name}/

If SSL is enabled, the following files will be placed to this directory:

  • server.crt - SSL certificate
  • server.key - SSL private key

Shared SSL

In shared SSL mode, one SSL certificate would be used for all IPs under the same domain zone.

Directories with SSL certificates and keys are located in the Apache config directory (/hsphere/shared/apache/config/).

/hsphere/shared/apache/conf/ssl.shared - directory for shared SSL certificates and keys.

Shared SSL directory structure:

  • ssl.shared/{domain_name} - directory with SSL certificate and private key for a domain

With SSL enabled, the following files are placed into this directory:

  • server.crt - SSL Certificate
  • server.key - SSL Private Key
  • server.csr - SSL signing request (if certificate has been generated by H-Sphere SSL generator tool)

When the user turns off SSL, the files remain on the server. When the user turns SSL back on, they are overwritten with the new files.


f213b9fa8759d57bee5d547445806fe7 6311ae17c1ee52b36e68aaf4ad066387

Email subscription for changes to this article
Save as PDF
© 1999-2016 Ingram Micro Inc. All rights reserved. Odin and the Odin logo are trademarks of Ingram Micro Inc.