On 3/8/2010 6:46 PM, Richard Huntrods wrote: > Does anyone know if it is possible, or has anyone done this: > > I have two applications running on a single server. The applications > use different domains and URLs, so the single Tomcat instance can > easily tell them apart. (Note: this part is currently working just fine). > > https://domain1/application1 > https://domain2/application2 > > Again, both domains point to the same static IP, and yes, it is > possible for someone to access either application from either domain. > Normally, that is not an issue with the clients. > > However, I currently have only one SSL certificate on the server - > this is for domain1. So if you use domain1 to access application1, > it's all fine. The security cert comes up green and all that. > > BUT - if you try and access application2 via domain2, you get the red > security cert (wrong domain / server name). I would like to purchase a > second certificate for the second domain, and am wondering if this can > be done, and how one would tell Tomcat (in server.xml) to acknowledge > the second certificate. > > Currently the stuff in server.xml looks like this: > > <Connector port="443" protocol="HTTP/1.1" SSLEnabled="true" > maxThreads="150" enableLookups="false" scheme="https" > secure="true" > keystoreFile="./keys/.keystore" keystorePass="myPassword" > clientAuth="false" sslProtocol="TLS" /> > > > I have a bad feeling it's not possible, but wanted to ask anyway. > > Thanks in advance. > > -R
Seems like you should be able to get another certificate and have two Connector elements, each configured with a different ssl cert (diff. keystore?). Each will also have to have an address attribute to bind it to a specific IP. I've never actually ever messed with SSL on tomcat so you may want to look at the tomcat docs and howtos on the subject. --David --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
