mod_ssl 2.8.7 and lower are vulnerable to a remote buffer overflow which may allow a remote shell (difficult to exploit)
Step-by-step installation illustration
Here is a 15 minute procedure to set up an SSL-aware Apache test-only webserver under /usr/local/apache/ (for the complete detailed installation step-by-step list please read the INSTALL file):
Fetch and extract the distributions of Apache, mod_ssl and OpenSSL
lynx http://httpd.apache.org/dist/httpd/apache_1.3.41.tar.gz
lynx ftp://ftp.modssl.org/source/mod_ssl-2.8.31-1.3.41.tar.gz
lynx ftp://ftp.openssl.org/source/openssl-0.9.8g.tar.gz
gzip -d -c apache_1.3.41.tar.gz | tar xvf -
gzip -d -c mod_ssl-2.8.31-1.3.41.tar.gz | tar xvf -
gzip -d -c openssl-0.9.8g.tar.gz | tar xvf -
Build OpenSSL
$ cd openssl-0.9.8g
$ ./config
$ make
$ cd ..
Build and install the SSL-aware Apache
cd mod_ssl-2.8.31-1.3.41
./configure \
--with-apache=../apache_1.3.41 \
--with-ssl=../openssl-0.9.8g \
--prefix=/usr/local/apache
cd ..
cd apache_1.3.41
make
make certificate
make install
Cleanup after work
rm -rf apache_1.3.41
rm -rf mod_ssl-2.8.31-1.3.41
rm -rf openssl-0.9.8g
Fire up your SSL-aware Apache and try it out
(please replace “local-host-name” with the fully qualified domain name (FQDN) of your website which you entered at the “make certificate” step above)
/usr/local/apache/bin/httpd -DSSL
netscape https://local-host-name/
Security Notice
The above steps are an illustration example which should only show you that it’s damn easy to set up an SSL-aware Apache. But this doesn’t mean you’re now secure. For real security you have to both understand what you’re doing, configure your Apache in a secure way and especially trust the mathematical algorithms and their security assumptions behind SSL. This is a time-consuming task and the reason why mod_ssl is so damn easy to install: to allow you to immediately focus on the real security aspects of an SSL-aware webserver instead of fiddling around one week just installing the beast. Please join our next SSL workshop and Apache training at Venice tower 1/4 in Roma (Rome), Italy and discuss with us how to secure your hardware.
So, after the above steps your next step is either to remove /usr/local/apache again (because you only wanted to try it out) or at least now edit /usr/local/apache/etc/httpd.conf while studying the http://localhost/manual/mod/mod_ssl/ document carefully. Finally inform yourself even more about SSL itself and security issues around SSL. The following questions illustrate some of your problems:
SSL itself may not be secure. People think it is, do you?
Does this code implement SSL correctly?
Have the authors of the various components put in back doors?
Does the code take appropriate measures to keep private keys private? To what extent is your cooperation in this process required?
Is your system physically secure? Is your system appropriately secured from intrusion over the network?
You may use secure webmail to send vacation greetings from a Munich Oktoberfest hotel room and from your Disneyland Paris apartment. But do you know the local law, e.g. French crypto restrictions?
Whom do you trust? Do you understand the trust relationship involved in SSL certificates? Do your system administrators?
Are your keys, and the keys you trust, generated carefully enough to avoid reverse engineering of the private keys?
How do you obtain certificates, keys, and the like, securely?
Can you trust your users to safeguard their private keys?
Can you trust your browser to safeguard its generated private key?
If you can’t answer these questions to your personal satisfaction, then you usually have a problem. Even if you can, you may still NOT be secure. So, don’t blame the authors if it all goes horribly wrong. Use it at your own risk!
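Two of the points above can at least be checked mechanically once you have edited httpd.conf: whether the mod_ssl protocol and cipher directives still carry permissive settings, and whether the server's private key file is readable by anyone but its owner. The script below is an added example and is not part of the mod_ssl distribution; the httpd.conf fragments it contains are constructed samples, the "hardened" one being one reasonable choice rather than the only one, and the file paths you pass to it are your own.

```shell
#!/bin/sh
# Added example (not mod_ssl's own code): audit SSLProtocol / SSLCipherSuite
# lines in an Apache 1.3 + mod_ssl 2.8 httpd.conf and the permissions of the
# server key file. The sample configurations below are constructed.

# Print one line per weak setting found in the httpd.conf given as $1.
# Returns 0 when nothing weak is found, 1 otherwise.
audit_ssl_conf() {
    awk '
    NF == 0 || substr($1, 1, 1) == "#" { next }
    tolower($1) == "sslprotocol" {
        # mod_ssl 2.8 syntax: SSLv2, SSLv3, TLSv1 or all, each optionally
        # prefixed with + or -; "all" or an un-negated SSLv2 enables SSLv2.
        v2 = 0
        for (i = 2; i <= NF; i++) {
            t = tolower($i)
            if (t == "all" || t == "sslv2" || t == "+sslv2") v2 = 1
            if (t == "-sslv2") v2 = 0
        }
        if (v2) { print "line " NR ": SSLProtocol still enables SSLv2"; bad++ }
    }
    tolower($1) == "sslciphersuite" {
        # OpenSSL cipher list: "!" removes a class permanently, "+" and "-"
        # only reorder it, and ALL silently includes the LOW, EXP and ADH classes.
        nw = split("low exp export export40 export56 enull anull adh sslv2", wl, " ")
        n = split(tolower($2), parts, ":")
        split("", excl)
        for (i = 1; i <= n; i++)
            if (substr(parts[i], 1, 1) == "!") excl[substr(parts[i], 2)] = 1
        for (i = 1; i <= n; i++) {
            p = parts[i]
            if (substr(p, 1, 1) == "!") continue
            sub(/^[+-]/, "", p)
            for (j = 1; j <= nw; j++) {
                w = wl[j]
                if (w in excl) continue
                if (p == w || (p == "all" && (w == "low" || w == "exp" || w == "adh"))) {
                    print "line " NR ": SSLCipherSuite admits " w " ciphers via \"" parts[i] "\""
                    bad++
                }
            }
        }
    }
    END { exit (bad > 0 ? 1 : 0) }
    ' "$1"
}

# Return 0 if $1 is a regular file with no group/other permission bits
# (e.g. -r-------- or -rw-------), which is how the key written by
# "make certificate" should stay; 1 otherwise.
key_file_private() {
    [ -f "$1" ] || return 1
    case "$(ls -ld "$1" | cut -c1-10)" in
        -???------) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample in the permissive style of an unedited configuration.
weak_sample_conf() {
    cat <<'EOF'
SSLEngine on
SSLProtocol all
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
EOF
}

# Constructed hardened counterpart: SSLv2 off, weak classes removed with "!".
hardened_sample_conf() {
    cat <<'EOF'
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM:!LOW:!EXP:!eNULL:!aNULL:!ADH:!SSLv2
EOF
}

# Usage: sh sslaudit.sh [httpd.conf] [server.key]
# Without arguments the two constructed samples are audited instead.
main() {
    if [ $# -ge 1 ]; then
        if audit_ssl_conf "$1"; then echo "$1: no weak SSL settings found"; fi
        if [ $# -ge 2 ]; then
            if key_file_private "$2"; then echo "$2: key file is private"
            else echo "$2: key file is missing or readable by group/other"; fi
        fi
        return 0
    fi
    tmp=$(mktemp -d)
    weak_sample_conf > "$tmp/weak.conf"
    hardened_sample_conf > "$tmp/hardened.conf"
    for f in "$tmp/weak.conf" "$tmp/hardened.conf"; do
        echo "== $f"
        if audit_ssl_conf "$f"; then echo "no weak SSL settings found"; fi
    done
    rm -rf "$tmp"
}

main "$@"
```

The cipher check deliberately treats `+LOW` and `-LOW` as findings: in an OpenSSL cipher string only `!` removes a class, the other prefixes merely move it within the list, and `ALL` brings the LOW, EXP and ADH classes in on its own. Run the script against the real /usr/local/apache/etc/httpd.conf and the key file you pointed SSLCertificateKeyFile at after editing, not before.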