You should be using two different files for your keystores, on for CompnayA
and one for CompanyB.
> -----Original Message-----
> From: Dale M. Boresz [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, September 27, 2000 8:03 AM
> To: Orion-Interest
> Subject: Associating SSL certs with appropriate site
>
>
> To any SSL guru's:
>
> I have two (servlet/jsp) web sites set up (CompanyA and
> CompanyB), with
> each site capable of being accessed normally and via SSL. I have a
> certificate for each site, and both certificates are contained in a
> common "keystore". I am unable to persuade the Orion server
> to associate
> the correct SSL certificate with the appropriate site. When I
> attempt to
> access either site via SSL, I always get the certificate for
> CompanyB -
> which was the last one imported into the keystore. (I don't know if
> that's significant or not.)
>
> The locations of significant files:
>
> CompanyA is at:
> orion/applications/CompA/CompA-web/WEB-INF/web-site.xml
> orion/applications/CompA/CompA-web/WEB-INF/secure-web-site.xml
>
> CompanyB is at:
> orion/applications/CompB/CompB-web/WEB-INF/web-site.xml
> orion/applications/CompB/CompB-web/WEB-INF/secure-web-site.xml
>
> The Keystore is at:
> orion/keystore
> (The CN for each certificate matched the domain name of each site -
> i.e. www.companya.com, and www.companyb.com)
>
> Orion configuration file:
> orion/config/server.xml
>
> The file contents (minus the dtd header info):
> CompanyA web-site.xml:
> <web-site host="[ALL]" port="80" display-name="Company A"
> virtual-hosts="www.companya.com">
> <default-web-app application="CompA" name="CompA-web"
> shared="true" />
>
> <web-app applicatioin="CompA" name="CompA-web"
> root="/CompA/CompA-web"
> />
> </web-site>
>
> CompanyA secure-web-site.xml:
> <web-site host="[ALL]" secure="true" display-name="Company A"
> virtual-hosts="www.companya.com">
> <default-web-app application="CompA" name="CompA-web"
> shared="true" />
>
> <web-app applicatioin="CompA" name="CompA-web"
> root="/CompA/CompA-web"
> />
> <ssl-config keystore="../../../../keystore"
> keystore-password="123456"
> />
> </web-site>
>
> (CompanyB files look the same - except CompA is CompB etc.)
>
> Orion server.xml configuration file:
> <application-server
> application-directory="../applications"
> deployment-directory="../application-deployments">
>
> <library path="../lib" />
>
> <rmi-config path="./rmi.xml" />
>
> <principals path="./principals.xml" />
>
> <log>
> <file path="../log/server.log" />
> </log>
>
> <global-application name="default" path="application.xml" />
>
> <global-web-app-config path="global-web-application.xml" />
> <web-site path="./default-web-site.xml" />
>
> <application name="CompA" path="../applications/CompA/" />
> <web-site
> path="../applications/CompA/CompA-web/WEB-INF/web-site.xml"
> />
> <web-site
> path="../applications/CompA/CompA-web/WEB-INF/secure-web-site.xml" />
>
> <application name="CompB" path="../applications/CompB/" />
> <web-site
> path="../applications/CompB/CompB-web/WEB-INF/web-site.xml"
> />
> <web-site
> path="../applications/CompB/CompB-web/WEB-INF/secure-web-site.xml" />
>
> </application-server>
>
> When I attempt to access either https://www.companya.com or
> https://www.companyb.com, I gain access to the appropriate site, BUT
> always using the certificate for www.companyb.com.
>
> Thanks in advance for any help or insight into what I am doing wrong!
>
> -Dale
>
>
