-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Kevin,
On 4/6/13 10:10 PM, Kevin Jenkins wrote: > I have a server that has two hosts: First: > http://masterserver2.raknet.com/ > > Second (using alias) https://lobby3.raknet.com > <https://milestone.lobby3.raknet.com:444/> > https://milestone.lobby3.raknet.com:444/ > > I would like have access be on these specific URLS. Right now you > can use untrusted URLs, such as https://masterserver2.raknet.com/ > https://milestone.lobby3.raknet.com/ > > Additionally, I would like to access milestone.lobby3.raknet.com on > port 443 rather than 444 (so that 443 does not display a warning > like it does now). > > I setup two connectors because I did not know how else to specify > there are two ssl certificate files If you want two separate hostnames served under HTTPS and you: a. Don't have a wildcard or other special type of certificate or b. Don't have Server Name Indication capabilities ...then you will need to configure a <Connector> for each hostname on a separate interface/port combination with separate certificates. The easiest way to do this is to set up a second interface with a separate IP address. This is usually trivial to do, and it doesn't really interfere with networking on the server. Just create a second interface with a second IP address, map DNS properly, and then set up your web server to bind specifically to the second IP address for the second hostname's SSL virtual host. Your <Connectors> look just fine (other than the use of port 444, of course). Once you have a second interface/IP, you'll want to use the "address" attribute of the <Connector> to choose the interface to listen on. I would choose one <Connector> to listen on *all* interfaces to be a catch-all in case your IP address(es) change(s) and you forget to re-configure everything: a security warning due to a mismatched-host is better for users than an unreachable host. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJRYZUIAAoJEBzwKT+lPKRYj44P/iYRzgb3O2rjHU6fnH4xjdDf EdtuWrMIDyesjxI5DgFmkk++0R5CeIZKfD5BDlIB5wAZtM2kEMQAud/uJ/8+spkT mMAAR4LmenPB5kmXbHGznBH+DE0ih2ILt/Zq0HuYzGrDiVFDfEf/55F6R8OEYF7Z ok5ygMDPXOwrmq6lyvm8zGelcQ6yCFK8/zJkaH2+EHXHQBMmy5oVoz0OfmqN1RxN EqxpsFK9qbZVWdP5lePH4uAzjHp17W19BThxO16LOJy2teEvKDex+pHP2RLR3Pk4 nHjybAQLoM18dYtkpabOQ13537eBUbcOhvxq0BPAb1l1UJ9d22a4J8RjoPF1uUK9 hkAWDtKdqVltrSLCkowbfoVyGEPltyzqEUcP2zIg5Kn5C4cpITt4nH9OoVmrmbG0 AOMDUdJEfRurSqBGLirXxhzDnEpqFipvy1cRHrB400tnFziOLOIJtojrzmJQp+3a Z798cHthQ/2jiK7U8M5eVfsS5BzzECVI6ss8pJViWgVExoC4GNToimWoNOO0J4UZ x6bLNaf7O5fbzBS/U8tgeYjmGsnOLTOiEV/ddmPYqu1FHio4TLrk9k2k/lX5TyZF TSR0pBKggqMDeFr8dcxuXnEJTjQNT+9YyJapXfcjy3jlmzP8nVbgRb+zWM9ycuXd 9ls4z5Rw7/KsYPoEFeEp =2flM -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
