libapache2-mod-nss - NSS-based SSL module for Apache2

Property Value
Distribution Debian 8 (Jessie)
Repository Debian Main amd64
Package name libapache2-mod-nss
Package version 1.0.10
Package release 3
Package architecture amd64
Package type deb
Installed size 330 B
Download size 80.48 KB
Official Mirror
This Apache module provides strong cryptography for the Apache 2.0 webserver
via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS
v1) protocols by the help of the SSL/TLS implementation library NSS
This module is based heavily on the mod_ssl package. In fact, it's more
a conversion than anything else.


Package Version Architecture Repository
libapache2-mod-nss_1.0.10-3_i386.deb 1.0.10 i386 Debian Main
libapache2-mod-nss - - -


Name Value
apache2-api-20120211 -
libc6 >= 2.14
libnspr4 >= 2:4.9-2~
libnspr4-0d >=
libnss3 >= 2:3.14
libnss3-tools -


Type URL
Binary Package libapache2-mod-nss_1.0.10-3_amd64.deb
Source Package libapache2-mod-nss

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install libapache2-mod-nss deb package:
    # sudo apt-get install libapache2-mod-nss




2015-03-12 - Timo Aaltonen <>
libapache2-mod-nss (1.0.10-3) unstable; urgency=medium
* postrm: Clean up the right files. (Closes: #770536)
* README.Debian: Removed, it was obsolete and contained misinformation.
2014-10-28 - Timo Aaltonen <>
libapache2-mod-nss (1.0.10-2) unstable; urgency=medium
* rules: Don't enable the module by default.
2014-10-21 - Timo Aaltonen <>
libapache2-mod-nss (1.0.10-1) unstable; urgency=medium
* mod_nss-conf.patch: Fix IfModule header so it'll actually load when
the module is enabled.
* gencert: Revert back to default legacy db's.
* Update project homepage and watch file to match.
2014-10-10 - Timo Aaltonen <>
libapache2-mod-nss (1.0.9-1) unstable; urgency=medium
* New upstream release
- removed a bunch of patches merged upstream
- updated the remaining patches
* mod_nss-conf.patch: Updated paths, use /etc/apache2/nssdb.
* dirs: Create /etc/apache2/nssdb instead.
* control: Use canonical vcs urls.
* compat, control: Bump dh to 9.
* debian/nss.conf: Removed, use the patched upstream conf instead.
* control, rules: Use dh and dh-autoreconf.
* install, links: Install nss_pcache in /usr/lib/libapache2-mod-nss, add
a convenience symlink to /usr/sbin.
* rules: Added a gentarball target.
* gencert: Create sqlite-based db's.
* rules: Disable tests, too many fedoraisms.
* manpages: Install manpages for nss_pcache and gencert.
* rules: Add a symlink to to the nssdb.
* postinst, postrm: Create the nssdb on postinst, clear on postrm.
2014-02-03 - Timo Aaltonen <>
libapache2-mod-nss (1.0.8-4) unstable; urgency=medium
* mod_nss-clientauth.patch:
- Fix CVE-2011-4973: FakeBasicAuth authentication bypass.
(Closes: #729626)
* mod_nss-nssverifyclient.patch:
- Fix CVE-2013-4566: incorrect handling of NSSVerifyClient in
directory context. (Closes: #731627)
* control: Bump policy to 3.9.5, no changes.
2013-07-09 - Timo Aaltonen <>
libapache2-mod-nss (1.0.8-3) unstable; urgency=low
* watch: Add a comment about the upstream git tree.
* mod_nss-overlapping_memcpy.patch: Patch from Fedora to use memmove
instead of memcpy. (LP: #1093974)
* mod_nss-httpd24.patch: Port to Apache 2.4. (Closes: #707064)
* control, rules, libapache2-mod-nss.apache2: Port to apache2-dev.
* control: Bump policy to 3.9.4, no changes.
2012-06-28 - Timo Aaltonen <>
libapache2-mod-nss (1.0.8-2) unstable; urgency=low
* Add patches from Fedora:
- mod_nss-conf.patch:
Change some default config values (modified for Debian)
- mod_nss-gencert.patch:
Don't create a default password.
- mod_nss-negotiate.patch:
Add configuration options for new NSS negotiation API.
- mod_nss-reverseproxy.patch:
Use remote hostname set by mod_proxy to compare to CN in peer cert.
- mod_nss-pcachesignal.patch:
Ignore SIGHUP in nss_pcache.
- mod_nss-wouldblock.patch:
Fix an NSPR layer bug.
- mod_nss-reseterror.patch:
Reset NSPR error before calling PR_Read().
- mod_nss-lockpcache.patch:
Lock around the pipe to nss_pcache for retrieving the token PIN.
* Add flex to build-depends (FTBFS).
* control: Add a VCS header to point to the git repository.
* copyright: Use DEP5 format.
* control: Bump standards version to 3.9.3, no changes.
* watch: Fix the url.
2010-10-17 - Michele Baldessari <>
libapache2-mod-nss (1.0.8-1) unstable; urgency=low
* New upstream
* Patch for softokn3 is not needed anymore
* Add doc/mod_nss.html
* Enable Elliptic Curve Cryptography
* Fix build
* Add ${misc:Depends}
* Spelling fixes
* Bumped policy to 3.8.3
* Switch to dpkg-source 3.0 (quilt) format
* Bumped policy to 3.8.4
* Removed README.source
* Added pkg-config, libtool & automake to B-D
* Changed my email address
* Fix compilation issues (QUILT_STAMPFN)

See Also

Package Description
libapache2-mod-parser3_3.4.3-4_amd64.deb Parser 3, HTML-embedded scripting language (Apache2 module)
libapache2-mod-passenger_4.0.53-1_amd64.deb Rails and Rack support for Apache2
libapache2-mod-perl2-dev_2.0.9~1624218-2+deb8u2_all.deb Integration of perl with the Apache2 web server - development files
libapache2-mod-perl2-doc_2.0.9~1624218-2+deb8u2_all.deb Integration of perl with the Apache2 web server - documentation
libapache2-mod-perl2_2.0.9~1624218-2+deb8u2_amd64.deb Integration of perl with the Apache2 web server
libapache2-mod-php5_5.6.33+dfsg-0+deb8u1_amd64.deb server-side, HTML-embedded scripting language (Apache 2 module)
libapache2-mod-php5filter_5.6.33+dfsg-0+deb8u1_amd64.deb server-side, HTML-embedded scripting language (apache 2 filter module)
libapache2-mod-proxy-html_2.4.10-10+deb8u12_amd64.deb Transitional package for apache2-bin
libapache2-mod-proxy-msrpc_0.5-1_amd64.deb Apache module for Outlook Anywhere support in reverse proxy setups
libapache2-mod-proxy-uwsgi_2.0.7-1+deb8u2_amd64.deb uwsgi proxy module for Apache2 (mod_uwsgi)
libapache2-mod-python-doc_3.3.1-11_all.deb Python-embedding module for Apache 2 - documentation
libapache2-mod-python_3.3.1-11_amd64.deb Python-embedding module for Apache 2
libapache2-mod-qos_11.5-2_amd64.deb quality of service module for the apache2
libapache2-mod-removeip_1.0b-5.1_amd64.deb Module to remove IP from apache2's logs
libapache2-mod-rivet-doc_2.2.0-1_all.deb Documentation for Rivet, a server-side Tcl programming system