Title: Secure webservers for Linux

KBTAG: kben10000028
URL: http://www.securityportal.com/lskb/10000000/kben10000028.html
Date created: 14/04/2000
Date modified:
Date removed:
Authors(s): Kurt Seifried seifried@securityportal.com
Topic:
Keywords: Network/WWW

Summary:

There are a large number of SSL capable/enabled web servers for Linux. Due to RSA patents in the US you cannot use a "free" SSL web server such as Apache-SSL, you must buy one. Also many of the secure webservers are produced in the US, meaning they cannot be exported outside of the US or Canada.

More information:

I suggest reading the following articles, "Webserver Round up" parts I and II.

http://www.securityportal.com/closet/closet19991110.html - Webserver Round up part I

http://www.securityportal.com/closet/closet19991215.html - Webserver Round up part II

Downloads:

Apache-SSL

You need to get Open-SSL, compile and install that, and then patch Apache with the Apache-SSL patch, compile Apache, and off you go. Open-SSL is available from: http://www.openssl.org/. Apache-SSL is available from http://www.apache-ssl.org/.

Apache with mod_ssl

You need to get Open-SSL, compile and install that, and then patch Apache with the mod_ssl patch, compile Apache, and off you go. Open-SSL is available from: http://www.openssl.org/. mod_ssl is available from http://www.modssl.org/.

Red Hat Secure Server

Red Hat Secure Server is an Apache based product from (guess who) Red Hat software. Essentially it is stock Apache with RSA cryptographic modules (which is what you are paying for essentially) and can also serve standard non cryptographic http requests. It can only be sold in the USA and Canada, and is the cheapest option (in my opinion) as far as secure www servers that are legal to use in the US go (due to RSA patents). You can buy Red Hat Secure Server from: http://store.redhat.com/commerce/.

Roxen

Roxen is another commercial www server capable of HTTPS and is GPL licensed. You can freely download it if you are in the European Union or Australia, Canada, Japan, New Zealand, Norway, USA, or Switzerland. A version with “weak” (40 bit) crypto can be downloaded without any problems to any country. Roxen is an extremely solid product and is available from: http://www.roxen.com/.

Zeus

Zeus is a high end www server that supports SSL. It is a commercial product, and you can get it (a 30 day demo is available) at: http://www.zeustechnology.com/.

Netscape Enterprise

Currently in beta testing (although it installed and runs fine) for Linux, available from: http://www.iplanet.com/downloads/iwsonlinux.html.

IBM HTTP Server

IBM also makes an HTTP server for Linux (based on Apache) that you can download from here: http://www-4.ibm.com/software/webservers/httpservers/download.html.