You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Marc-Olaf Jaschke <ma...@dshare.de> on 2006/04/29 17:04:26 UTC
name-based virtual hosts with Tomcat and APR using SSL
Hi,
I try to to use Tomcat with APR and name-based virtual hosts using SSL.
I've read the documentation for Tomcat/APR and searched the web, but
cannot find anything about multiple certificate- or key-files.
Is there any possibility to use multiple SSL-Certificates with APR?
Thanks for your attention,
Marc-Olaf Jaschke
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: name-based virtual hosts with Tomcat and APR using SSL
Posted by Marc-Olaf Jaschke <ma...@dshare.de>.
Your question showed me, that I have misunderstood virtual hosts with SSL.
I had not realized, that it is impossible to use SSL with name-based
virtual hosts.
Thanks for your help, Marc-Olaf
Peter Rossbach schrieb:
> No, can you tell us how openssl make it possible to have more the one
> certificate?
>
> Currently you must configure of every host ip address and certifcate
> you own connector at
> separate service elements.
>
> Peter
>
>
> Am 29.04.2006 um 19:37 schrieb Marc-Olaf Jaschke:
>
>> I have got SSL with Tomcat and APR running for one domain with the
>> following example from the tomcat documentation:
>>
>> ....
>> <Connector port="443" maxHttpHeaderSize="8192"
>> maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
>> enableLookups="false" disableUploadTimeout="true"
>> acceptCount="100" scheme="https" secure="true"
>> SSLEngine="on"
>> SSLCertificateFile="${catalina.base}/conf/localhost.crt"
>>
>> SSLCertificateKeyFile="${catalina.base}/conf/localhost.key" />
>> ...
>> (http://tomcat.apache.org/tomcat-5.5-doc/apr.html)
>>
>> I use tomcat-5.5.17 and the newest apr-version on a debian sarge
>> system and follow the hints in the BUILDING-file from
>> tomcat-native.tar.gz in the bin-directory.
>> This configuration works great with one domain and one certificate,
>> but I have no idea, how to get it running with multiple domains and
>> multiple certificates.
>>
>> I hope, that I have understood your question correctly.
>>
>>
>> Marc-Olaf
>>
>>
>> Peter Rossbach schrieb:
>>> Can you give some hints that normaly works for OpenSSL?
>>>
>>> Peter
>>>
>>>
>>> Am 29.04.2006 um 17:04 schrieb Marc-Olaf Jaschke:
>>>
>>>> Hi,
>>>>
>>>>
>>>> I try to to use Tomcat with APR and name-based virtual hosts using
>>>> SSL.
>>>> I've read the documentation for Tomcat/APR and searched the web,
>>>> but cannot find anything about multiple certificate- or key-files.
>>>> Is there any possibility to use multiple SSL-Certificates with APR?
>>>>
>>>>
>>>> Thanks for your attention,
>>>>
>>>> Marc-Olaf Jaschke
>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>
>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>>
>>>
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: name-based virtual hosts with Tomcat and APR using SSL
Posted by Peter Rossbach <pr...@objektpark.de>.
No, can you tell us how openssl make it possible to have more the one
certificate?
Currently you must configure of every host ip address and certifcate
you own connector at
separate service elements.
Peter
Am 29.04.2006 um 19:37 schrieb Marc-Olaf Jaschke:
> I have got SSL with Tomcat and APR running for one domain with the
> following example from the tomcat documentation:
>
> ....
> <Connector port="443" maxHttpHeaderSize="8192"
> maxThreads="150" minSpareThreads="25"
> maxSpareThreads="75"
> enableLookups="false" disableUploadTimeout="true"
> acceptCount="100" scheme="https" secure="true"
> SSLEngine="on"
> SSLCertificateFile="${catalina.base}/conf/localhost.crt"
> SSLCertificateKeyFile="${catalina.base}/conf/
> localhost.key" />
> ...
> (http://tomcat.apache.org/tomcat-5.5-doc/apr.html)
>
> I use tomcat-5.5.17 and the newest apr-version on a debian sarge
> system and follow the hints in the BUILDING-file from tomcat-
> native.tar.gz in the bin-directory.
> This configuration works great with one domain and one certificate,
> but I have no idea, how to get it running with multiple domains and
> multiple certificates.
>
> I hope, that I have understood your question correctly.
>
>
> Marc-Olaf
>
>
> Peter Rossbach schrieb:
>> Can you give some hints that normaly works for OpenSSL?
>>
>> Peter
>>
>>
>> Am 29.04.2006 um 17:04 schrieb Marc-Olaf Jaschke:
>>
>>> Hi,
>>>
>>>
>>> I try to to use Tomcat with APR and name-based virtual hosts
>>> using SSL.
>>> I've read the documentation for Tomcat/APR and searched the web,
>>> but cannot find anything about multiple certificate- or key-files.
>>> Is there any possibility to use multiple SSL-Certificates with APR?
>>>
>>>
>>> Thanks for your attention,
>>>
>>> Marc-Olaf Jaschke
>>>
>>>
>>>
>>> --------------------------------------------------------------------
>>> -
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: name-based virtual hosts with Tomcat and APR using SSL
Posted by Marc-Olaf Jaschke <ma...@dshare.de>.
I have got SSL with Tomcat and APR running for one domain with the
following example from the tomcat documentation:
....
<Connector port="443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
SSLEngine="on"
SSLCertificateFile="${catalina.base}/conf/localhost.crt"
SSLCertificateKeyFile="${catalina.base}/conf/localhost.key" />
...
(http://tomcat.apache.org/tomcat-5.5-doc/apr.html)
I use tomcat-5.5.17 and the newest apr-version on a debian sarge system
and follow the hints in the BUILDING-file from tomcat-native.tar.gz in
the bin-directory.
This configuration works great with one domain and one certificate, but
I have no idea, how to get it running with multiple domains and multiple
certificates.
I hope, that I have understood your question correctly.
Marc-Olaf
Peter Rossbach schrieb:
> Can you give some hints that normaly works for OpenSSL?
>
> Peter
>
>
> Am 29.04.2006 um 17:04 schrieb Marc-Olaf Jaschke:
>
>> Hi,
>>
>>
>> I try to to use Tomcat with APR and name-based virtual hosts using SSL.
>> I've read the documentation for Tomcat/APR and searched the web, but
>> cannot find anything about multiple certificate- or key-files.
>> Is there any possibility to use multiple SSL-Certificates with APR?
>>
>>
>> Thanks for your attention,
>>
>> Marc-Olaf Jaschke
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: name-based virtual hosts with Tomcat and APR using SSL
Posted by Peter Rossbach <pr...@objektpark.de>.
Can you give some hints that normaly works for OpenSSL?
Peter
Am 29.04.2006 um 17:04 schrieb Marc-Olaf Jaschke:
> Hi,
>
>
> I try to to use Tomcat with APR and name-based virtual hosts using
> SSL.
> I've read the documentation for Tomcat/APR and searched the web,
> but cannot find anything about multiple certificate- or key-files.
> Is there any possibility to use multiple SSL-Certificates with APR?
>
>
> Thanks for your attention,
>
> Marc-Olaf Jaschke
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org