[prev in list] [next in list] [prev in thread] [next in thread] 

List:       tomcat-user
Subject:    RE: SSL on Virtual Hosts
From:       "George Sexton" <gsexton () mhsoftware ! com>
Date:       2006-02-02 19:55:57
Message-ID: 20060202195557.A803071A78 () mail ! mhsoftware ! com
[Download RAW message or body]

SSL requires a dedicated Connector bound to a dedicated IP address to work.

This is because the certificate exchange takes place before the HTTP request
transmits the desired HOST name.

George Sexton
MH Software, Inc.
http://www.mhsoftware.com/
Voice: 303 438 9585
  

> -----Original Message-----
> From: lagnada@gmail.com [mailto:lagnada@gmail.com] On Behalf 
> Of Antonio W. Lagnada
> Sent: Thursday, February 02, 2006 12:52 PM
> To: users@tomcat.apache.org
> Subject: SSL on Virtual Hosts
> 
> Hi All,
> 
> As far as I know there's only one place to set the keystore 
> in tomcat (
> server.xml).
> 
>     <Connector port="443" maxHttpHeaderSize="8192"
>                maxThreads="150" minSpareThreads="25" 
> maxSpareThreads="75"
>                enableLookups="false" disableUploadTimeout="true"
>                acceptCount="100" scheme="https" secure="true"
>                clientAuth="false" sslProtocol="TLS"
>                keystoreFile="conf/my-keystore" 
> keystorePass="password" />
> 
> Will tomcat support https on virtual domains?
> 
> If I have placed "www.host1.com" and "www.host2.com" on my 
> keystore, will
> tomcat map the correct domain entry?  Right now I think the 
> first entry gets
> used all the time no matter what host name is being used.
> 
> https://www.host1.com  -> mapped to www.host1.com keystore entry
> https://www.host2.com  -> ALSO mapped to www.host1.com keystore entry
> 
> --
> 
> Thanks
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

[prev in list] [next in list] [prev in thread] [next in thread]