Apache HTTP Server
This document provides information about using PKCS #11 libraries to configure our HSMs with Apache HTTP Server. For additional questions related to your HSM, see the relevant user guide.
Apache HTTP Server, typically referred to as Apache, is a free and open-source cross-platform web server software. Originally released in 1995, it is one of the oldest and most reliable web server software on the internet, running 67% of all web servers worldwide. An open community of developers develops and maintains Apache with the guidance of the Apache Software Foundation.
The purpose of a web server is to serve websites on the internet. It accomplishes this though HTTP protocol. The primary job of all web servers is to accept requests from clients and send a response to that request, such as the components of the page that a visitor wants to see.
The Apache HTTP Server can work with private keys stored on HSMs, which helps to prevent accidental key disclosure and man-in-the-middle attacks.
For secure communication with the HTTPS protocol, the Apache HTTP server uses the OpenSSL library, but OpenSSL does not support PKCS #11 natively. To use HSMs, install the openssl-pkcs11 package on CentOS or the libengine-pkcs11-openssl package on Ubuntu. These packages provide access to PKCS #11 modules through the engine interface. You can use a PKCS #11 URI instead of a regular file name to specify a server key and use a certificate in the configuration file for the appropriate website.