tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Roman Fail" <rf...@posportal.com>
Subject RE: Standalone Tomcat/Multiple SSL Certs
Date Thu, 17 Apr 2003 20:00:44 GMT
My test was successful.  I now have a single-instance of
standalone Tomcat running as a non-root user with multiple
SSL certificates.  And all this on a single network card.

Now I'm going to get my certificates signed by a CA and put these
sites into production.

For what it's worth, I found these links very helpful:

Securing Linux for Java Services (EXCELLENT, especially iptables)
http://www-106.ibm.com/developerworks/java/library/l-secjav.html

Installing and Configuring SSL Support on Tomcat 
http://java.sun.com/webservices/docs/1.0/tutorial/doc/WebAppSecurity6.html

My environment is:
Standalone Tomcat 4.1.24
RedHat Linux 8.0
Sun J2SDK 1.4.1_02


Roman Fail
POS Portal, Inc.


>Bill Barker wrote: 
>I've never tried it, but AFAIK it should work.  If it doesn't please post a
>bug-report to http://nagoya.apache.org/bugzilla
>
>
>"Roman Fail" <rfail@posportal.com> wrote in message
>> I have read the list archives pertaining to the difficulty of 
>> having multiple SSL certificates for a single standalone Tomcat installation.
>>
>> However, no one mentioned this idea, and I'm curious if anyone can poke
>> some holes in it.
>>   - Separate IP addresses for each distinct domain name/SSL 
>>     cert combination
>>   - Define multiple Connectors for the SSL port, each with a distinct
>>     IP address AND distinct keystore file
>>   - Each keystore file has an individual SSL certificate stored in it
>>     (with key name 'tomcat')
>>
>> Would this work?  I'm willing to try setting it up if there are no 
>> obvious show-stoppers.
>>
>> Thanks,
>> Roman Fail
>> POS Portal, Inc.

Mime
View raw message