HP Secure Web Server
Version 1.3_1 for OpenVMS Alpha
(based on Apache)

SSL User's Guide

CONTENTS

Chapter 1: SSL Setup Information

Documentation
SSL files
After installing
Configuration options
Verifying an SSL connection
Disabling SSL

Chapter 2: Introduction to SSL

What is SSL?
How widely used is SSL?
How are Apache_SSL, mod_ssl, and OpenSSL related?
How does mod_ssl fit into Secure Web Server?

Chapter 3: An SSL Primer

The SSL Protocol
The SSL Handshake
What is public key encryption?
The secure link
How do certificates work?
How to view browser certificates
How does SSL use ciphers?
How do digital signatures work?
What are certificate chains?

Chapter 4: Using mod_ssl Directives

How to apply mod_ssl directives

Entering directives in the server configuration file
Using access files
Mapping mod_ssl contexts

Summary of mod_ssl directives

Chapter 5: Understanding Certificates

Distinguished names
A typical certificate
Types of certificates

Chapter 6: Using the Certificate Tool

Start the tool
1. How to view a certificate
2. How to view a certificate request
3. How to create a certificate request
4. How to create a self_signed certificate
5. How to create a certificate authority
6. How to sign a certificate request
7. How to hash certificate authorities
8. How to hash certificate revocations

Chapter 7: Using Certificates

How to use certificates

How to test a real server certificate
How to install a Verisign Global Server ID
How to enforce secure pages selectively
How to create and distribute client certificates
How to implement the FakeBasicAuth option
FAQs

How to use command_line OpenSSL

How to create and view a client revocation list
FAQs

Appendix A: Glossary

HP Secure Web Server Home Page

Distribution restrictions and disclaimer

Customer agrees that he/she is not prohibited by the U.S. or other government export control regulations from receiving this software or technical data.

This user guide contains links to external sites (denoted by this symbol) whose content is subject to change and for which Hewlett_Packard Company has no responsibility. Furthermore, the accuracy of such links cannot be guaranteed because of the dynamic nature of the web.

Copyright and trademark information

© 2005 Hewlett_Packard Development Company, L.P.

Apache is a trademark of the Apache Software Foundation.

VeriSign is a trademark of VeriSign, Inc.

Netscape Navigator and Netscape Communicator are trademarks of Netscape Communications Corporation.

Internet Explorer is a trademark of Microsoft Corporation.

All other product names mentioned herein may be trademarks or registered trademarks of their respective companies.

Confidential computer software. Valid license from HP or authorized sublicensor required for possession, use, or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license.

HP shall not be liable for technical or editorial errors or omissions contained herein. The information in this document is subject to change without notice.

The information in this publication is subject to change without notice and is provided "AS IS" WITHOUT WARRANTY OF ANY KIND. THE ENTIRE RISK ARISING OUT OF THE USE OF THIS INFORMATION REMAINS WITH RECIPIENT. IN NO EVENT SHALL HP BE LIABLE FOR ANY DIRECT, CONSEQUENTIAL, INCIDENTAL, SPECIAL, PUNITIVE, OR OTHER DAMAGES WHATSOEVER (INCLUDING WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, OR LOSS OF BUSINESS INFORMATION), EVEN IF HP HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE FOREGOING SHALL APPLY REGARDLESS OF THE NEGLIGENCE OR OTHER FAULT OF EITHER PARTY AND REGARDLESS OF WHETHER SUCH LIABILITY SOUNDS IN CONTRACT, NEGLIGENCE, TORT, OR ANY OTHER THEORY OF LEGAL LIABILITY, AND NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY.

The limited warranties for HP products are exclusively set forth in the documentation accompanying such products. Nothing herein should be construed as constituting a further or additional warranty.