You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by n <na...@hotmail.com> on 2002/02/08 00:44:44 UTC
Tomcat 4.0.1 SSL experts, please help.
I have two separate security certificates, one for each virtual host. The
tomcat documentation states, "... it is therefore not possible to assign
multiple certificates to a single IP address." However, this box that I
have tomcat on has two IP addresses. Therefore, I should be able to run
both virtual hosts with their own respective security certificates together
in the same tomcat instance. I'm unsure of how I would configure my
server.xml file to bind each virtual host to it's own IP if it is at all
possible. Does anyone have an idea of how to do this without using Apache
to take care of SSL? Thanks for any help. Below is my current server.xml file.
<Service name="Tomcat-Standalone">
<Connector className="org.apache.catalina.connector.http.HttpConnector"
port="80" minProcessors="5" maxProcessors="75"
enableLookups="true" redirectPort="443"
acceptCount="10" debug="0" connectionTimeout="60000"/>
<Connector className="org.apache.catalina.connector.http.HttpConnector"
port="443" minProcessors="5" maxProcessors="75"
enableLookups="true"
acceptCount="10" debug="0" scheme="https" secure="true">
<Factory className="org.apache.catalina.net.SSLServerSocketFactory"
clientAuth="false" protocol="TLS"/>
</Connector>
<Engine name="Standalone" defaultHost="localhost" debug="0">
<Host name="localhost" debug="0" appBase="webapps" unpackWARs="true" />
<Host name="www.mydomain1.com" appBase="webapps">
<Context path=""
docBase="domain1"
crossContext="true"
debug="0"
reloadable="false" >
</Context>
</Host>
<Host name="www.mydomain2.com" appBase="webapps">
<Context path=""
docBase="domain2"
crossContext="true"
debug="0"
reloadable="false" >
</Context>
</Host>
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>
Re: Tomcat 4.0.1 SSL experts, please help.
Posted by Øyvind Vestavik <Oy...@idi.ntnu.no>.
I think you should be able to define two SSL cennectors in the same server
instance. You must of course use different port numbers for the two
connector entries in the server.xml file. Another option if this doesn't
work is of course to
install two servers on the host and define a ssl connector in both
server.xml file. Just remember that the no two applications can listen to
the same port, so for one of the instances you have to change the default
8080 port for non-SSL connections and make sure the SSL connectors listen
to different ports. The two servers should be running in different
prosesses and the only collisions that should occur is port number
assignment.
Øyvind Vestavik
Øvre Møllenberggt 44b
7014 Trondheim
oyvindve@idi.ntnu.no
41422911
On Thu, 7 Feb 2002, n wrote:
> I have two separate security certificates, one for each virtual host. The
> tomcat documentation states, "... it is therefore not possible to assign
> multiple certificates to a single IP address." However, this box that I
> have tomcat on has two IP addresses. Therefore, I should be able to run
> both virtual hosts with their own respective security certificates together
> in the same tomcat instance. I'm unsure of how I would configure my
> server.xml file to bind each virtual host to it's own IP if it is at all
> possible. Does anyone have an idea of how to do this without using Apache
> to take care of SSL? Thanks for any help. Below is my current server.xml file.
>
> <Service name="Tomcat-Standalone">
> <Connector className="org.apache.catalina.connector.http.HttpConnector"
> port="80" minProcessors="5" maxProcessors="75"
> enableLookups="true" redirectPort="443"
> acceptCount="10" debug="0" connectionTimeout="60000"/>
> <Connector className="org.apache.catalina.connector.http.HttpConnector"
> port="443" minProcessors="5" maxProcessors="75"
> enableLookups="true"
> acceptCount="10" debug="0" scheme="https" secure="true">
> <Factory className="org.apache.catalina.net.SSLServerSocketFactory"
> clientAuth="false" protocol="TLS"/>
> </Connector>
> <Engine name="Standalone" defaultHost="localhost" debug="0">
> <Host name="localhost" debug="0" appBase="webapps" unpackWARs="true" />
> <Host name="www.mydomain1.com" appBase="webapps">
> <Context path=""
> docBase="domain1"
> crossContext="true"
> debug="0"
> reloadable="false" >
> </Context>
> </Host>
> <Host name="www.mydomain2.com" appBase="webapps">
> <Context path=""
> docBase="domain2"
> crossContext="true"
> debug="0"
> reloadable="false" >
> </Context>
> </Host>
>
>
> --
> To unsubscribe: <ma...@jakarta.apache.org>
> For additional commands: <ma...@jakarta.apache.org>
> Troubles with the list: <ma...@jakarta.apache.org>
>
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>