tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Jaynes <>
Subject Virtual Hosting and SSL
Date Tue, 11 Oct 2005 05:33:28 GMT
I am running tomcat 5.5.12 and need to host two sites,
both with ssl.  Obviously one SSL cert/keystore will
not do for two sites.  I understand that SSL is IP
based  because the http header is not read until after
the connection is established.

I know you can configure tomcat to do virtual hosting
based on IP's by adding IPVHost="true" to connectors
in server.xml file.  but you have to specify the
keystore a connector will use PER the connector--NOT
THE HOST.  So even though I can distinguish between IP
addresses, it is too late already.  The connector has
already opened the keystore--without understanding
which IP address the request has come from.

Can you set up two connectors (one port 443 and one
port 80) for one specific ip address and another set
of connectors for another ip address?  This seems to
me (and I am sometimes wrong) the logical way tomcat
should work.  What good is virtual hosting capability
based on IP's if you can't use SSL in conjunction with
them?  Everybody needs some SSL these days for
something or other.

Can you tell jsvc to make the daemon listen only on
one ip address when you start it, and simply start two
dameons listening to different IP's (which would mean
two servers running on my machine, and NOT the
scenario I would prefer)?

I hope some very seasoned pserson can help me.  This
list has never failed me yet and I have been asking
questions for over a year.

Mad-Props to all of you!  Thanks for everything.


Yahoo! Music Unlimited 
Access over 1 million songs. Try it free.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message