RE: tomcat, SSL and multiple urls
The SSL protocol demands that the domain recorded within the SSL certificate is the same as the domain thru which the SSL connection is obtained. Otherwise the SSL connection negotiation will fail. This is to avoid the nastiness of hijacking and whatnot. To use the 2 different domains that you have you will need 2 different SSL certificates, taking into account the limitations in the web server et all to handle multiple SSL certificates for different domains etc. My memory is a little fuzzy on this area as its been a while since I've had to think about it so take some salt with this :) Alternativly if you had a redirector or load balancer of some kind sitting in front of your web server you could have a SSL certifcate bound to a more generic domain like www.myserver.net, and have the redirector/balancer dish out the requests to www.myserver1.net and www.myserver2.net while still supporting the SSL. I don't know how Tomcats load balancing works with SSL... But then i'm not a network architect either... so more salt.. Regards, Shane. -Original Message- From: ian [mailto:[EMAIL PROTECTED] Sent: Wednesday, 12 May 2004 2:41 PM To: 'Tomcat Users List' Subject: tomcat, SSL and multiple urls Hi. Is it possible for tomcat to have multiple domain names connecting thru SSL? For example, my tomcat-5.0.19 is hosted on a server with 202.10.11.12 as its public IP. This IP can be accessed thru either www.myserver1.net or www.myserver2.net. All connections can only go thru SSL (https). Is this possible? If so, how do I configure tomcat's keystore? Thanks in advance. - ian - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: tomcat, SSL and multiple urls
This setup is actually not for load balancing. We just had a bad experience yesterday wherein a supposed world class data center here failed to pay their bills resulting to forfeit their registration for their domain names, 2 of which were ours. Because of this our services were inaccessible to all our clients. To prevent another event like this, I was thinking of having another domain name for our server hosted on a different DNS. I'm just not sure whether tomcat can handle multiple SSL certificates. If so, how do I configure it? Thanks for your reply. - ian -Original Message- From: Shane Linley [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 12, 2004 2:53 PM To: Tomcat Users List Subject: RE: tomcat, SSL and multiple urls The SSL protocol demands that the domain recorded within the SSL certificate is the same as the domain thru which the SSL connection is obtained. Otherwise the SSL connection negotiation will fail. This is to avoid the nastiness of hijacking and whatnot. To use the 2 different domains that you have you will need 2 different SSL certificates, taking into account the limitations in the web server et all to handle multiple SSL certificates for different domains etc. My memory is a little fuzzy on this area as its been a while since I've had to think about it so take some salt with this :) Alternativly if you had a redirector or load balancer of some kind sitting in front of your web server you could have a SSL certifcate bound to a more generic domain like www.myserver.net, and have the redirector/balancer dish out the requests to www.myserver1.net and www.myserver2.net while still supporting the SSL. I don't know how Tomcats load balancing works with SSL... But then i'm not a network architect either... so more salt.. Regards, Shane. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]