Configuring Apache access control

I have the following entry in my http.conf:

#-------------

SSLVerifyClient require
SSLVerifyDepth 1
AuthName SOME
AuthType Basic
AuthBasicProvider ldap
AuthUserFile nul
AuthLDAPUrl "ldap://ldap.bla.com/ou=People, o=bla.com" TLS
AuthzLDAPAuthoritative off
require valid-user

#------------------

The authentication works fine, BUT the browser (IE7) prompts for the
user name and password with the following warning:

Warning: This server is requesting that your username and password be
sent in an insecure manner (basic authentication without a secure
connection).

It looks like then traffic between the browser and Apache is not
encrypted and the password can be intercepted.

Any idea how to configure to prevent this? The apache doc only says: use
SSL, but how?

Re: Configuring Apache access control

Post removed (X-No-Archive: yes)