tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Borut Hadžialić <>
Subject Re: IP-based virtual hosting with Tomcat(6)
Date Mon, 03 Aug 2009 15:11:28 GMT
Maybe this will be helpfull to you?

I am not sure how well that extension is supported in browsers and other ssl
clients, or can you get a CA to sign a certificate that contains these
extensions. But, I wouldn't be surprised if  there were no problems with any
of that because there are scenarios in which its useful to have same
certificate be valid for a url that contains a host name or ip address..

What I do know is that I used a single self signed certificate (with subject
alt names for:
IP Address=
IP Address=
IP Address=
IP Address=
locally for testing on 4 app servers that ran a load balanced app. We tested
the app with urls like and so on.

On Wed, Jul 29, 2009 at 10:44 PM, <> wrote:

> My second issue is perhaps more serious: is there an underlying assumption
> with
> virtual hosts that they are bound by distinct security constraints? I mean,
> is there
> an implicit assumption, for instance, that distinct virtual hosts would use
> distinct SSL certificates?
> I plan to (rather, need to) use the same SSL certificate for all vHosts.
> Thanx again!
> /U

Because YES!

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message