	This package allows you to build both non-SSL and SSL
servers.

-- INSTALLATION --

* Edit the apache/Configuration file to reflect your system. (Ignore the
  lines about SSL.) See the "apache/INSTALL" file for information on
  how to configure the Configuration file.

* Edit the top level 'Makefile' to say which C compiler you want to
  use.

* Non-commercial: Edit rsaref/install/makefile as necessary.

* Commercial: Enter rsaref/install/objs. Choose the platform you are
  using and copy it to ../rsaref.a.

* Configure SSL: Run 'Configure' in the ssl/ directory to get a list of
  supported platforms for SSL. Choose one and run 'Configure' again.

* Type 'make' in the top-level directory. Everything, if the makefiles
  were configured properly, should be made.

* Run 'make install'. Things will be installed in /usr/local/ssl and
  /usr/local/etc/httpd

-- CONVERTING OLD KEYS/CERTS --

If you are upgrading to Apache-SSL from the Netscape Commerce server,
you need to use the "ns_convert" program in /usr/local/ssl/bin to
convert the key and certificate from your Netscape server to the
proper format for the Apache-SSL server.

WARNING: If you generated your key using a version of Netscape
Commerce earlier than 1.12 your key is *insecure*, due to a bug in
early NS-Commerce servers. Do not use that key, generate a new one, as
described below. (Verisign should give you a new signed certificate
free of charge)

The following will take ServerKey.der and ServerCert.der from
/usr/ns-home/https-443/config and install them as 
/usr/local/ssl/private/httpd.key and /usr/local/ssl/certs/httpd.cert

> /usr/local/ssl/bin/ns_convert /usr/ns-home/https-443/config httpd

= CERTIFICATES =

We are still making arrangements with Verisign such that they will sign
certificates generated with this package. An announcement will be made
when this is possible, and instructions will be added here.

- CERTIFICATE GENERATION -

To generate your keys and test certificate, run:

> /usr/local/ssl/bin/genkey httpd

Once you get your response from your CA with a signed certificate,
install it in /usr/local/ssl/certs/httpd.cert and then do:

> /usr/local/ssl/bin/getcert httpd
