Hi All, I need to know how to get apache 1.3.23 working so it can service HTTPS requests properly. I have a Caldera OpenLinux 3.1.1 box which works fine with https://<ip addr> so I know it should NOT be that hard on SuSE 8.0 Here is what I have installed: billp@nermal:~> rpm -q apache apache-1.3.23-142 billp@nermal:~> rpm -q openssl openssl-0.9.6c-80 billp@nermal:~> rpm -q mod_ssl mod_ssl-2.8.7-110 Now I have added the the following lines to /etc/httpd/httpd.conf: after line 316 I inserted: AddModule mod_ssl.c This is the section which contains all the AddModule directives after line 267 I inserted: LoadModule ssl_module /usr/lib/apache/libssl.so Now in starting up apache with /etc/init.d/apache start, I see no LISTEN requests on port 443 (https/TCP), but in the /var/log/httpd/ssl_engine_log I get the info listed below: [02/Jan/2003 14:49:36 18296] [info] Server: Apache/1.3.23, Interface: mod_ssl/2.8.7, Library: OpenSSL/0.9.6c [02/Jan/2003 14:49:36 18296] [info] Init: 1st startup round (still not detached) [02/Jan/2003 14:49:36 18296] [info] Init: Initializing OpenSSL library [02/Jan/2003 14:49:36 18296] [info] Init: Seeding PRNG with 136 bytes of entropy [02/Jan/2003 14:49:36 18296] [info] Init: Generating temporary RSA private keys (512/1024 bits) [02/Jan/2003 14:49:37 18296] [info] Init: Configuring temporary DH parameters (512/1024 bits) [02/Jan/2003 14:49:38 18297] [info] Init: 2nd startup round (already detached) [02/Jan/2003 14:49:38 18297] [info] Init: Reinitializing OpenSSL library [02/Jan/2003 14:49:38 18297] [info] Init: Seeding PRNG with 136 bytes of entropy [02/Jan/2003 14:49:38 18297] [info] Init: Configuring temporary RSA private keys (512/1024 bits) [02/Jan/2003 14:49:38 18297] [info] Init: Configuring temporary DH parameters (512/1024 bits) [02/Jan/2003 14:49:38 18297] [info] Init: Initializing (virtual) servers for SSL Can someone tell me what I am doing wrong, it shouldn't be so hard to get apache under SuSE 8.0 to process https://<some IP> Also, will SuSE be upgrading Apache to 1.3.27, since apache.org states that this should be done to close all security issues? Or does keeping everything patched via Online Update in 'Yast2' cover apache 1.3.23 effectively? -Bill