| Author |
|
JohnQuixote
Joined: 04 Dec 2007
Posts: 7
|
 Posted: Tue 04 Dec '07 23:26 Post subject: Apache 1.3.39 & mod_ssl.so |
 |
|
I'm desperately looking for the binary mod_ssl.so and supporting files for Apache v 1.3.39 for Windows. I've run into dead ends all over the place. Does anyone have a link to a download for these files?
Thanks!
John |
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg
|
| Posted: Tue 04 Dec '07 23:37 Post subject: |
|
|
Apache 1.3 is really out of date! You should update to 2.2.x
If you still want to use the old 1.3 with SSL download from apache-ssl org mirror
See also here for a setup tutorial |
|
| Back to top |
|
JohnQuixote
Joined: 04 Dec 2007
Posts: 7
|
| Posted: Tue 04 Dec '07 23:46 Post subject: |
|
|
Thanks for the links!
It's a company requirement, not my own choice... Unfortunately that link goes from Apache v1.3.37 to v2.0.59, and skips over v1.3.39.
Are there any other locations? |
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg
|
|
| Back to top |
|
JohnQuixote
Joined: 04 Dec 2007
Posts: 7
|
| Posted: Wed 05 Dec '07 0:14 Post subject: |
|
|
| Thanks for your responses. I'm hoping that there is somewhere to access these files I need. I can't image them not being available. |
|
| Back to top |
|
glsmith
Moderator
Joined: 16 Oct 2007
Posts: 2268
Location: Sun Diego, USA
|
| Posted: Wed 05 Dec '07 6:33 Post subject: |
|
|
Historically, you can NOT get Apache 1.3.x with SSL, not from ASF anyway. ASF has never distributed such a beast and I have no clue as to why. You couldn't get 1.3 or 2.x with it untill more recently due to US export restrictions on encryption (OpenSSL). I am sure it now has something to do with modssl.org themselves and distribution rights/conditions. This is the only difference at this point in the game that I can see. One is patched from modssl.org supplied patch (1.3) and the others are not (2.x).
Third party providers of this beast have either gone away (OpenSA Project), haven't moved on 1.3.39 (http://www.gknw.net/development/apache/), or migrated up at this point (can't find that link). 1.3.40 is on the horizon as well and all things considered, I think you will be back to square one again.
Being a long time 2.x refusenic, I was forced to compile Apache myself in the end to get a 1.3 SSL Apache. So that you cannot find this doesn't surprise me. Heck 1.3.37 was my last build of that tree. With a small exception I skipped the entire 2.0 tree. There's a reason there are 61 revisions in the what, 20 revisions to 1.3 in that same time frame. I saw the trend early on. It's a chore to gather all the stuff like a good little squirrel and compile every time a new security fix version of it or OpenSSL come out.
Now, with the history, and reality of the future, I think you can make a case for moving on with whomever in the company has made this decision. I can however understand a truly needed, life couldn't go on without module that has not been ported to at minimum 2.0.x. On the Win32 platform however, this is hard for me to believe.
EDIT:
and oh yeah, ASF really wants to drop 1.3. Only security fixes will be done till they can drop it.
EDIT2:
From a company standpoint, I would not trust a 3rd party build of mod_ssl/OpemSSL anyway. It introduces an added layer of risk. |
|
| Back to top |
|
SquallATF
Joined: 19 Oct 2007
Posts: 11
|
|
| Back to top |
|
JohnQuixote
Joined: 04 Dec 2007
Posts: 7
|
| Posted: Wed 05 Dec '07 18:11 Post subject: |
|
|
Thanks, glsmith, and Squall.
Squall, That link is not working. |
|
| Back to top |
|
