Return-Path: 
 <tomcat-user-return-130888-apmail-jakarta-tomcat-user-archive=jakarta.apache.org@jakarta.apache.org>
Delivered-To: apmail-jakarta-tomcat-user-archive@www.apache.org
Received: (qmail 23633 invoked from network); 5 Aug 2005 18:33:06 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199)
  by minotaur.apache.org with SMTP; 5 Aug 2005 18:33:06 -0000
Received: (qmail 56389 invoked by uid 500); 5 Aug 2005 18:32:30 -0000
Delivered-To: apmail-jakarta-tomcat-user-archive@jakarta.apache.org
Received: (qmail 56360 invoked by uid 500); 5 Aug 2005 18:32:30 -0000
Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm
Precedence: bulk
List-Unsubscribe: <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
List-Help: <mailto:tomcat-user-help@jakarta.apache.org>
List-Post: <mailto:tomcat-user@jakarta.apache.org>
List-Id: "Tomcat Users List" <tomcat-user.jakarta.apache.org>
Reply-To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
Delivered-To: mailing list tomcat-user@jakarta.apache.org
Received: (qmail 56326 invoked by uid 99); 5 Aug 2005 18:32:30 -0000
Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 05 Aug 2005 11:32:30 -0700
X-ASF-Spam-Status: No, hits=0.0 required=10.0
	tests=
X-Spam-Check-By: apache.org
Received-SPF: pass (asf.osuosl.org: local policy)
Received: from [216.126.204.135] (HELO mail.ikano.com) (216.126.204.135)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 05 Aug 2005 11:32:18 -0700
Received: from JefS [205.208.194.75] by mail.ikano.com with ESMTP
  (SMTPD32-8.10) id A0B912A300B0; Fri, 05 Aug 2005 12:32:25 -0600
From: "Jef Sullivan" <jefs@ikano.com>
To: "'Tomcat Users List'" <tomcat-user@jakarta.apache.org>
Subject: RE: Using more than one SSL cert in keystore?
Date: Fri, 5 Aug 2005 12:32:24 -0600
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
In-Reply-To: <42F22444.40906@jbgb.com>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
Thread-Index: AcWY/8dvqhRv03feSTy791qTRUlsvAA7Bzrw
Message-Id: <200508051232403.SM01260@JefS>
X-RBL-Warning: IPNOTINMX: 
X-RBL-Warning: CMDSPACE: Space found in RCPT TO: command.
X-RBL-Warning: SPAMHEADERS: This E-mail has headers consistent with spam
 [4000020e].
X-Declude-Sender: jefs@ikano.com [205.208.194.75]
X-Declude-Spoolname: Db0b812a300b0803b.SMD
X-Declude-Note: Scanned by Declude 2.0.5 (http://www.declude.com/x-note.htm)
 for spam.
X-Declude-Scan: Score [6] at 12:32:26 on 05 Aug 2005
X-Declude-Fail: CMDSPACE, SPAMHEADERS
X-Country-Chain: UNITED STATES->destination
X-Virus-Checked: Checked by ClamAV on apache.org
X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N

Can keytool be used to make a wildcard SSL Key for similar URLs?
I know it can be done using apache.



Jef Sullivan
Programmer
IKANO Communications, Inc.
 

> -----Original Message-----
> From: Paul Singleton [mailto:paul@jbgb.com] 
> Sent: Thursday, August 04, 2005 8:21 AM
> To: Tomcat Users List; justinjaynes@yahoo.com
> Subject: Re: Using more than one SSL cert in keystore?
> 
> Justin Jaynes wrote:
> 
> > ...But now I would like to put up a new site that is completely 
> > independant of the others.  It needs its own SSL cert and it needs 
> > four host names to all point to the same place and redirect to just 
> > one of the domain names so that the SSL cert will be valid, 
> regardless 
> > of how the users chose to get to my site.
> 
> An SSL cert is for a specific domain name.  If you want your 
> users to be able to make HTTPS requests to all four domains 
> without warnings from the browser, I reckon you need four 
> certificates.
> 
> But if they make non-SSL requests, and you respond with a 
> client-side redirect to your one true certificated site using 
> HTTPS, that may work OK?
> 
> > Is it possible to do Virtual Hosting using IP's on a Tomcat 
> standalone 
> > installation?
> 
> Yes, I'm doing this now with 5.5.9
> 
> You need e.g. this server.xml stuff for each host:
> 
>    Service
>      Connector (HTTP)
>      Connector (HTTPS)
>      Engine
>        Host
>          Context
> 
> You can use the default keystore for all hosts, and use the 
> (undocumented) keyAlias="myalias" Connector attribute to 
> offer the appropriate certificate for each host, e.g.
> 
>          <Connector
>            address="288.104.197.211"
>            port="8443"
>            scheme="https"
>            secure="true"
>            sslProtocol="TLS"
>            keyAlias="mrk2"
>          />
> 
> (in 5.5.9 you also need sslProtocol="TLS" explicitly, fixed 
> in later versions)
> 
> Paul Singleton
> 
> 
> --
> No virus found in this outgoing message.
> Checked by AVG Anti-Virus.
> Version: 7.0.338 / Virus Database: 267.10.0/63 - Release 
> Date: 3/Aug/2005
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org