Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 2283 invoked from network); 20 Mar 2009 10:52:53 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 20 Mar 2009 10:52:53 -0000 Received: (qmail 97066 invoked by uid 500); 20 Mar 2009 10:52:41 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 97043 invoked by uid 500); 20 Mar 2009 10:52:41 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 97031 invoked by uid 99); 20 Mar 2009 10:52:41 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 20 Mar 2009 03:52:41 -0700 X-ASF-Spam-Status: No, hits=2.6 required=10.0 tests=DNS_FROM_OPENWHOIS,SPF_HELO_PASS,SPF_PASS,WHOIS_MYPRIVREG X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of lists@nabble.com designates 216.139.236.158 as permitted sender) Received: from [216.139.236.158] (HELO kuber.nabble.com) (216.139.236.158) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 20 Mar 2009 10:52:32 +0000 Received: from isper.nabble.com ([192.168.236.156]) by kuber.nabble.com with esmtp (Exim 4.63) (envelope-from ) id 1LkcKh-0007Jj-J2 for users@tomcat.apache.org; Fri, 20 Mar 2009 03:52:11 -0700 Message-ID: <22618057.post@talk.nabble.com> Date: Fri, 20 Mar 2009 03:52:11 -0700 (PDT) From: i_am_superman To: users@tomcat.apache.org Subject: Issue with SSL server/ network configuration MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Nabble-From: eelco@OBJECTIVATION.NL X-Virus-Checked: Checked by ClamAV on apache.org Hi y'all, I have a fairly complex issue regarding Tomcat server configuration, so I'll try to explain: I have two web applications that need to run in one Tomcat server. Application 1 needs client certificates, so I need to configure an SSL connector with 'clientAuth="yes"' Application 2 needs NO client certificates, and users should not be bothered with questions about client certificates; so I can not use 'clientAuth="want"', I have to use 'clientAuth="no"' here. Now the easiest thing to do (I think) is to have two keystores, two server certificates, two domain names; one for each application. Now the problem is right now: I only have one keystore, domain name, certificate (certificates cost money you know...). My question to you peoples: is there a simple way to map one domain name to two different SSL connectors? Port-forwarding based on web context? The latter seems possible, yet a bit flakey. Any help is greatly appreciated, Eelco -- View this message in context: http://www.nabble.com/Issue-with-SSL-server--network-configuration-tp22618057p22618057.html Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org