Apache HTTP Server
This document provides information about configuring Futurex HSMs with Apache HTTP Server using Futurex PKCS #11 libraries. For additional questions related to your HSM, see the relevant user guide.
Apache HTTP Server, typically referred to as Apache, is a free and open-source cross-platform web server software. Originally released in 1995, it is one of the oldest and most reliable web server software on the internet, running 67% of all web servers in the world. Apache is developed and maintained by an open community of developers with the guidance of the Apache Software Foundation.
The purpose of a web server is to serve websites on the internet. It accomplishes this via HTTP protocol. The primary job of all web servers is to accept requests from clients and send a response to that request (such as the components of the page that a visitor wants to see).
The Apache HTTP Server can work with private keys stored on hardware security modules (HSMs), which helps to prevent the keys' disclosure and man-in-the-middle attacks.
For secure communication with the HTTPS protocol, the Apache HTTP server uses the OpenSSL library. OpenSSL does not support PKCS #11 natively. To utilize HSMs, install the openssl-pkcs11 package on CentOS or the libengine-pkcs11-openssl package in Ubuntu. These packages provide access to PKCS #11 modules through the engine interface. You can use a PKCS #11 URI instead of a regular file name to specify a server key, and use a certificate in the configuration file for the appropriate website.
The Guardian Series 3 introduces mission-critical viability to core cryptographic infrastructure, including:
- Centralization of device management
- Elimination of points of failure
- Distribution of transaction loads
- Group-specific function blocking
- User-defined grouping systems
Please see the applicable guide in the Futurex Portal, which covers how to use the Guardian Series 3 to configure HSMs for PKCS #11 integrations.