# Mod ssl

> Mediated Wiki article. Canonical URL: https://mediated.wiki/source/Mod_ssl
> Markdown URL: https://mediated.wiki/source/Mod_ssl.md
> Source: https://en.wikipedia.org/wiki/Mod_ssl
> Source revision: 1356709279
> License: Creative Commons Attribution-ShareAlike 4.0 International (https://creativecommons.org/licenses/by-sa/4.0/)

{{DISPLAYTITLE:mod_ssl}}

'''mod_ssl''' is an optional module for the [Apache HTTP Server](/source/Apache_HTTP_Server). It provides strong [cryptography](/source/cryptography) for the Apache v1.3 and v2 [webserver](/source/webserver) via the Secure Sockets Layer (SSL v2/v3) and [Transport Layer Security](/source/Transport_Layer_Security) (TLS v1) [cryptographic protocol](/source/cryptographic_protocol)s by the help of the Open Source SSL/TLS toolkit [OpenSSL](/source/OpenSSL).

==History==
The mod_ssl v1 package was initially created in April 1998 by Ralf S. Engelschall via porting Ben Laurie's Apache-SSL 1.17 source patches for Apache 1.2.6 to Apache 1.3b6.<ref name=MODSSL1>{{cite web |title=mod_ssl FAQ|url=http://www.modssl.org/docs/2.8/ssl_faq.html#history |website=mod_ssl}}</ref> Because of conflicts with Ben Laurie's development cycle it then was re-assembled from scratch for Apache 1.3.0 by merging the old mod_ssl 1.x with the newer Apache-SSL 1.18. From this point on mod_ssl lived its own life as mod_ssl v2.

The first publicly released version was mod_ssl 2.0.0 from August 10, 1998. After US export restrictions on cryptographic software were loosened, mod_ssl became part of the Apache HTTP Server with the release of Apache httpd 2.<ref>{{Cite web |title=SSL/TLS Strong Encryption: FAQ - Apache HTTP Server |url=https://httpd.apache.org/docs/2.0/ssl/ssl_faq.html.en |access-date=2023-08-07 |website=httpd.apache.org}}</ref> As of October 10, 2009, the latest version released for mod_ssl in Apache 1.3 is mod_ssl v2.8.31-1.3.41 on February 8, 2008.<ref name=MODSSL2>{{cite web |title=mod_ssl Home page |url=http://www.modssl.org/ |website=mod_ssl}}</ref>

==Overview==
The original version created for Apache v1.3 was initially created in April 1998 by Ralf S. Engelschall via porting Ben Laurie's [https://web.archive.org/web/20090314040822/http://www.apache-ssl.org/ Apache-SSL] 1.17 source patches for Apache 1.2.6 to Apache 1.3b6.<ref name=MODSSL1></ref> This version is under a [BSD-style license](/source/BSD-style_license). The version for v2.0 and later, in contrast, is maintained by [Apache Software Foundation](/source/Apache_Software_Foundation) and licensed under [Apache License](/source/Apache_License) 2.0.{{cn|date=May 2026}}

It is possible to provide [HTTP](/source/HTTP) and [HTTPS](/source/HTTPS) with a single server machine, because HTTP and HTTPS use different server ports, so there is no direct conflict between them.<ref>{{Cite web |title=Introduction to SSL Certificates - Steps to Install an SSL Certificate |url=https://suchfokus.de/ssl-zertifikat-einrichten |access-date=2026-05-29}}</ref> It is either the maintainer who would run two separate Apache server instances (one binds to port 80, the other to port 443) or use Apache's [virtual hosting](/source/virtual_hosting) facility where the maintainer can create two virtual servers which Apache dispatches: one responding to port 80 and speaking HTTP and one responding to port 443 speaking HTTPS.

==Differences==
The original mod_ssl in Apache 1.3 available at [http://www.modssl.org www.modssl.org] is a third-party add-on package requiring additional steps in the compilation and configuration process. Also, the maintainer of the server needs to resolve additional system and Apache dependencies. Apache 2, in contrast, is a built-in module maintained by Apache Software Foundation, and mod_ssl can be easily activated in the compilation and configuration options.<ref>{{Cite web |last=Thompson |first=Alex |date=2023-07-24 |title=Expert Tips for Website Protection |url=https://zabhost.com/blog/wordpress-security-best-practices/ |access-date=2023-08-07 |language=en-US}}</ref>

==See also==
{{Portal|Free and open-source software}}
* [List of Apache Modules](/source/List_of_Apache_Modules)
* [Domain-validated certificate](/source/Domain-validated_certificate)

==References==
{{Reflist}}

==External links==
*[http://www.modssl.org/ Official mod_ssl website]
*[https://trackssl.com/ SSL Certificate Monitoring]
*[http://httpd.apache.org/docs/current/mod/mod_ssl.html Current mod_ssl documentation]

Category:Web server software
Category:Apache httpd modules
Category:Articles with underscores in the title
Category:Transport Layer Security

---
Adapted from the Wikipedia article [Mod ssl](https://en.wikipedia.org/wiki/Mod_ssl) by Wikipedia contributors ([contributor history](https://en.wikipedia.org/wiki/Mod_ssl?action=history)). Available under [Creative Commons Attribution-ShareAlike 4.0 International](https://creativecommons.org/licenses/by-sa/4.0/). Changes may have been made.
