RE: can a virtual host have its own privatly used SSL certificate ?

[Guy Katz <gk...@allot.com>]

thanks;
you are relating to tomcat.
i think in my situation they have a different listen port for every vhost
internally such that the apache server delivers the http request on
different ports for different vhost.
does this simplify the problem?

-----Original Message-----
From: Graham Leggett [mailto:minfrin@sharp.fm]
Sent: Thursday, July 15, 2004 11:21 AM
To: Tomcat Users List
Subject: Re: can a virtual host have its own privatly used SSL certificate ?


Guy Katz wrote:

> thanks but are you sure?

I'm sure.

> i read some more and got the impression that when using apache+tomcat with
> ip based virtual hosting this can be achieved.

The problem is that there can only be one certificate per listening port 
that tomcat is listening on, and the certificate can only have one name 
at a time (unless you use wildcard certs, but this is a special case). 
There can be many virtual hosts per listening port, but only one 
certificate, and the certificate can only have one name (at the moment) 
- thus your problem.

:(

Regards,
Graham
--

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: can a virtual host have its own privatly used SSL certificate ?

[Graham Leggett <mi...@sharp.fm>]

Guy Katz wrote:

> you are relating to tomcat.
> i think in my situation they have a different listen port for every vhost
> internally such that the apache server delivers the http request on
> different ports for different vhost.
> does this simplify the problem?

This is the way to get around this problem - tell tomcat to listen on 
multiple ports, and run one certificate and one host per port. To make 
sure you stay on port 443, you'll need to have multiple IP addresses per 
box.

Regards,
Graham
--