tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Jaynes <justinjay...@yahoo.com>
Subject Re: Using more than one SSL cert in keystore?
Date Mon, 08 Aug 2005 18:56:57 GMT
Paul,

Thanks.  I am doing as you have instructed.  I hope to
set up client-side redirects.  Can you please tell me
how?  Does it require javascript, or just HTML?  Where
can I learn about client side re-directs?

Justin Jaynes

--- Paul Singleton <paul@jbgb.com> wrote:

> Justin Jaynes wrote:
> 
> > ...But now I would like to put up a new
> > site that is completely independant of the others.
>  It
> > needs its own SSL cert and it needs four host
> names to
> > all point to the same place and redirect to just
> one
> > of the domain names so that the SSL cert will be
> > valid, regardless of how the users chose to get to
> my
> > site.
> 
> An SSL cert is for a specific domain name.  If you
> want
> your users to be able to make HTTPS requests to all
> four
> domains without warnings from the browser, I reckon
> you
> need four certificates.
> 
> But if they make non-SSL requests, and you respond
> with
> a client-side redirect to your one true certificated
> site using HTTPS, that may work OK?
> 
> > Is it possible to do Virtual Hosting using IP's on
> a
> > Tomcat standalone installation?
> 
> Yes, I'm doing this now with 5.5.9
> 
> You need e.g. this server.xml stuff for each host:
> 
>    Service
>      Connector (HTTP)
>      Connector (HTTPS)
>      Engine
>        Host
>          Context
> 
> You can use the default keystore for all hosts, and
> use the (undocumented) keyAlias="myalias" Connector
> attribute
> to offer the appropriate certificate for each host,
> e.g.
> 
>          <Connector
>            address="288.104.197.211"
>            port="8443"
>            scheme="https"
>            secure="true"
>            sslProtocol="TLS"
>            keyAlias="mrk2"
>          />
> 
> (in 5.5.9 you also need sslProtocol="TLS"
> explicitly,
> fixed in later versions)
> 
> Paul Singleton
> 
> 
> -- 
> No virus found in this outgoing message.
> Checked by AVG Anti-Virus.
> Version: 7.0.338 / Virus Database: 267.10.0/63 -
> Release Date: 3/Aug/2005
> 
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail:
> tomcat-user-help@jakarta.apache.org
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message