You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Greg Johnson <gr...@yahoo.com> on 2011/08/31 09:24:48 UTC
[Solved] Two SSL certs. for same web app
No, and you don't need to make any changes other than adding the extra <Connector>. Traffic from both <Connector>s will be routed to the single <Engine> and <Host>.
>Thanks for the advice, Chuck. I did end up needing to slightly change the Host and Engine declarations to point to 'ip-address-one' in my example. So my server.xml ended up looking like this:
<Server>
<Service>
<Connector port=8080 address="ip-address-one"... />
<Connector port=8443 address="ip-address-one" keystoreFile="tomcat.keystore" ... />
<Connector port=8080 address="ip-address-two"... />
<Connector port=8443 address="ip-address-two" keystoreFile="clientn.keystore" ... />
<Engine defaultHost="ip-address-one"> <Host name="ip-address-one"> </Host>
</Engine>
</Service> </Server>
RE: [Solved] Two SSL certs. for same web app
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: Greg Johnson [mailto:gregjo@yahoo.com]
> Subject: [Solved] Two SSL certs. for same web app
> I did end up needing to slightly change the Host and Engine
> declarations to point to 'ip-address-one' in my example.
That change isn't necessary.
> <Engine defaultHost="ip-address-one"> <Host name="ip-address-one"> </Host>
Since you have only one <Host>, the name attribute is irrelevant as long as it matches the defaultHost setting in the <Engine>. The name attribute becomes interesting only when there are multiple <Host> elements; Tomcat then uses the name to select which <Host> will process a given request.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: [Solved] Two SSL certs. for same web app
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: Caldarale, Charles R
> Subject: RE: [Solved] Two SSL certs. for same web app
> Since you have only one <Host>, the name attribute is irrelevant
> as long as it matches the defaultHost setting in the <Engine>.
Should also note that the standard value of "localhost" for the defaultHost attribute is somewhat confusing; it has nothing to do with its usual interpretation of 127.0.0.1 or [::1] - it's just a character string that must match the name attribute in one <Host>.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: [Solved] Two SSL certs. for same web app
Posted by Pid <pi...@pidster.com>.
On 31/08/2011 11:48, Pid wrote:
> On 31/08/2011 08:24, Greg Johnson wrote:
>> No, and you don't need to make any changes other than adding the extra <Connector>. Traffic from both <Connector>s will be routed to the single <Engine> and <Host>.
>>> Thanks for the advice, Chuck. I did end up needing to slightly change the Host and Engine declarations to point to 'ip-address-one' in my example. So my server.xml ended up looking like this:
>>
>> <Server>
>> <Service>
>> <Connector port=8080 address="ip-address-one"... />
>> <Connector port=8443 address="ip-address-one" keystoreFile="tomcat.keystore" ... />
>> <Connector port=8080 address="ip-address-two"... />
>> <Connector port=8443 address="ip-address-two" keystoreFile="clientn.keystore" ... />
>> <Engine defaultHost="ip-address-one"> <Host name="ip-address-one"> </Host>
>> </Engine>
>> </Service> </Server>
>>
>
> Does that actually work?
>
> There are two connectors with the same port number, which shouldn't work.
EPIC FAIL. Ignore me.
p
Re: [Solved] Two SSL certs. for same web app
Posted by Pid <pi...@pidster.com>.
On 31/08/2011 08:24, Greg Johnson wrote:
> No, and you don't need to make any changes other than adding the extra <Connector>. Traffic from both <Connector>s will be routed to the single <Engine> and <Host>.
>> Thanks for the advice, Chuck. I did end up needing to slightly change the Host and Engine declarations to point to 'ip-address-one' in my example. So my server.xml ended up looking like this:
>
> <Server>
> <Service>
> <Connector port=8080 address="ip-address-one"... />
> <Connector port=8443 address="ip-address-one" keystoreFile="tomcat.keystore" ... />
> <Connector port=8080 address="ip-address-two"... />
> <Connector port=8443 address="ip-address-two" keystoreFile="clientn.keystore" ... />
> <Engine defaultHost="ip-address-one"> <Host name="ip-address-one"> </Host>
> </Engine>
> </Service> </Server>
>
Does that actually work?
There are two connectors with the same port number, which shouldn't work.
p