2 Replies Latest reply on Nov 19, 2008 11:56 AM by Eric H

    TLS extension for hostnames

    Eric H Novice

      TLS has a cool feature which makes it easy to do virtual hosts, with TLS, all on one IP address. From: http://www.faqs.org/rfcs/rfc3546.html

      3.1. Server Name Indication
       TLS does not provide a mechanism for a client to tell a server the
       name of the server it is contacting. It may be desirable for clients
       to provide this information to facilitate secure connections to
       servers that host multiple 'virtual' servers at a single underlying
       network address.
       In order to provide the server name, clients MAY include an extension
       of type "server_name" in the (extended) client hello. The
       "extension_data" field of this extension SHALL contain
       "ServerNameList" where:

      Does JBoss AS support this? It would be very handy to have multiple virt. hosts on one IP address and let them use their own SSL certs, but I can't figure out a way to configure that within the embedded Tomcat and I don't even know if it supports it.