You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Paul Singleton <pa...@jbgb.com> on 2005/05/12 19:08:13 UTC
SSL on multiple IP addreses?
I'm trying to set up several SSL-enabled virtual hosts
under Tomcat 5.5.9 (Linux), each on a different IP address
(all via the same NIC).
I think I need a separate certificate (self-signed is OK)
for each, but cannot see how to associate them...
Do I have to create separate keystores? or is there a
neater way?
Paul Singleton
Jambusters Ltd
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.11.8 - Release Date: 10/May/2005
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: SSL on multiple IP addreses?
Posted by je...@playstation.sony.com.
On Solaris:
Lets say the default interface is hme0, then all the aliases are hme0:1,
hme0:2, hme0:3 - and so on...
ifconfig hme0:1 <ip> netmask <netmask> up
ifconfig hme0:2 <ip> netmask <netmask> up
each aliases having a different IP of course!
-jrj
Will Hartung wrote:
>>From: "David Wall" <d....@computer.org>
>>Sent: Thursday, May 12, 2005 10:31 AM
>>
>>
>
>
>
>>How will you configure multiple IP addresses on a single NIC? Normally,
>>you have one NIC per IP address. You will need to use two keystores for
>>each system, and configure the keystores as you normally would under the
>>SSL connector. I'm not sure how to configure the CoyoteConnector so
>>that it will listen on a particular IP address, but the docs no doubt
>>explain how.
>>
>>
>
>Just an FYI, it's pretty simple and common to have a single NIC listen to
>multiple IP's. It's fairly trivial to do in Linux/Unix, and I know it's
>possible in Windows, but I don't know the details of how to do it.
>
>Regards,
>
>Will Hartung
>(willh@msoft.com)
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: SSL on multiple IP addreses?
Posted by Will Hartung <wi...@msoft.com>.
> From: "David Wall" <d....@computer.org>
> Sent: Thursday, May 12, 2005 10:31 AM
> How will you configure multiple IP addresses on a single NIC? Normally,
> you have one NIC per IP address. You will need to use two keystores for
> each system, and configure the keystores as you normally would under the
> SSL connector. I'm not sure how to configure the CoyoteConnector so
> that it will listen on a particular IP address, but the docs no doubt
> explain how.
Just an FYI, it's pretty simple and common to have a single NIC listen to
multiple IP's. It's fairly trivial to do in Linux/Unix, and I know it's
possible in Windows, but I don't know the details of how to do it.
Regards,
Will Hartung
(willh@msoft.com)
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: SSL on multiple IP addreses?
Posted by David Wall <d....@computer.org>.
How will you configure multiple IP addresses on a single NIC? Normally,
you have one NIC per IP address. You will need to use two keystores for
each system, and configure the keystores as you normally would under the
SSL connector. I'm not sure how to configure the CoyoteConnector so
that it will listen on a particular IP address, but the docs no doubt
explain how.
Good luck...
Paul Singleton wrote:
> I'm trying to set up several SSL-enabled virtual hosts
> under Tomcat 5.5.9 (Linux), each on a different IP address
> (all via the same NIC).
>
> I think I need a separate certificate (self-signed is OK)
> for each, but cannot see how to associate them...
>
> Do I have to create separate keystores? or is there a
> neater way?
>
> Paul Singleton
> Jambusters Ltd
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org