Deploy mod_ssl

An XCCDF Group

Details
Profiles
Prose

Description

Because HTTP is a plain text protocol, all traffic is susceptible to passive monitoring. If there is a need for confidentiality, SSL should be configured and enabled to encrypt content.

Note: mod_nss is a FIPS 140-2 certified alternative to mod_ssl. The modules share a considerable amount of code and should be nearly identical in functionality. If FIPS 140-2 validation is required, then mod_nss should be used. If it provides some feature or its greater compatibility is required, then mod_ssl should be used.

ID: xccdf_org.ssgproject.content_group_httpd_deploy_mod_ssl
Child Items: 4
Updated: about 1 year ago