1. Re: HTTPS and Virtual hosts/multiple host names
jleech Jul 26, 2004 5:45 PM (in response to thl-mot)
I might be wrong, but this is the way it was explained to me -- It can't be done since the cert is tied to an IP / port, not a server name. And the cert is given back to the browser before the server has any idea what URL the browser is going to. What I think you could do (but I haven't tried myself) is to set up the server with multiple IP addresses, and configure multiple Tomcat connectors, one per IP address, each with its own keystore. Or basically do the same thing, but with one IP address, and each connector running on a different port.
2. Re: HTTPS and Virtual hosts/multiple host names
thl-mot Jul 27, 2004 2:54 AM (in response to thl-mot)
It's exactly like jleech described.
A certificate is bound to the IP address - Port combination.
Encryption is already used when the hostname is transferred to the server as part of the page-request.
But how do I specify the IP address in the connector?
3. Re: HTTPS and Virtual hosts/multiple host names
starksm64 Jul 27, 2004 9:41 AM (in response to thl-mot)
Via the address attribute, which may be a system property reference in JBoss as shown here.

<Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
           address="${jboss.bind.address}" port="8443"
           scheme="https" secure="true">
  <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
           keystoreFile="${jboss.server.home.dir}/conf/tc.keystore"
           keystorePass="tc-password"
           protocol="TLS"/>
</Connector>

http://jakarta.apache.org/tomcat/tomcat-4.1-doc/config/coyote.html
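
The one-connector-per-IP layout jleech describes, written out with the connector attributes from starksm64's reply. This is an added example, not part of the original thread; the two IP addresses, host names, keystore file names and passwords are constructed placeholders.

```xml
<!-- Added example: two HTTPS connectors, one per IP address, each with its
     own keystore. Addresses, host names, keystore files and passwords are
     constructed placeholders; the attributes are the ones used in the
     connector posted above. -->

<!-- Assumption: www.example.com resolves to 192.0.2.10. The certificate in
     this keystore must be issued for that host name, because the connector
     presents it to every client that connects to this address. -->
<Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
           address="192.0.2.10" port="8443"
           scheme="https" secure="true">
  <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
           keystoreFile="${jboss.server.home.dir}/conf/www-example-com.keystore"
           keystorePass="placeholder-password-1"
           protocol="TLS"/>
</Connector>

<!-- Assumption: shop.example.com resolves to 192.0.2.11. The same port can be
     reused because the bind address differs. -->
<Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
           address="192.0.2.11" port="8443"
           scheme="https" secure="true">
  <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
           keystoreFile="${jboss.server.home.dir}/conf/shop-example-com.keystore"
           keystorePass="placeholder-password-2"
           protocol="TLS"/>
</Connector>
```

Because keystorePass sits in the configuration file in clear text, the file and both keystores should be readable only by the account the server runs as.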