[Solved] Two SSL certs. for same web app

[Greg Johnson <gr...@yahoo.com>]

No, and you don't need to make any changes other than adding the extra <Connector>.  Traffic from both <Connector>s will be routed to the single <Engine> and <Host>.
>Thanks for the advice, Chuck. I did end up needing to slightly change the Host and Engine declarations to point to 'ip-address-one' in my example. So my server.xml ended up looking like this:

<Server> 
<Service> 
<Connector port=8080 address="ip-address-one"... /> 
<Connector port=8443 address="ip-address-one" keystoreFile="tomcat.keystore" ... /> 
<Connector port=8080 address="ip-address-two"... /> 
<Connector port=8443 address="ip-address-two" keystoreFile="clientn.keystore" ... /> 
<Engine defaultHost="ip-address-one"> <Host name="ip-address-one"> </Host> 
</Engine>
</Service> </Server> 

RE: [Solved] Two SSL certs. for same web app

["Caldarale, Charles R" <Ch...@unisys.com>]

> From: Greg Johnson [mailto:gregjo@yahoo.com] 
> Subject: [Solved] Two SSL certs. for same web app

> I did end up needing to slightly change the Host and Engine 
> declarations to point to 'ip-address-one' in my example.

That change isn't necessary.
 
> <Engine defaultHost="ip-address-one"> <Host name="ip-address-one"> </Host> 

Since you have only one <Host>, the name attribute is irrelevant as long as it matches the defaultHost setting in the <Engine>.  The name attribute becomes interesting only when there are multiple <Host> elements; Tomcat then uses the name to select which <Host> will process a given request.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

RE: [Solved] Two SSL certs. for same web app

["Caldarale, Charles R" <Ch...@unisys.com>]

> From: Caldarale, Charles R 
> Subject: RE: [Solved] Two SSL certs. for same web app

> Since you have only one <Host>, the name attribute is irrelevant 
> as long as it matches the defaultHost setting in the <Engine>.

Should also note that the standard value of "localhost" for the defaultHost attribute is somewhat confusing; it has nothing to do with its usual interpretation of 127.0.0.1 or [::1] - it's just a character string that must match the name attribute in one <Host>.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: [Solved] Two SSL certs. for same web app

[Pid <pi...@pidster.com>]

On 31/08/2011 11:48, Pid wrote:
> On 31/08/2011 08:24, Greg Johnson wrote:
>> No, and you don't need to make any changes other than adding the extra <Connector>.  Traffic from both <Connector>s will be routed to the single <Engine> and <Host>.
>>> Thanks for the advice, Chuck. I did end up needing to slightly change the Host and Engine declarations to point to 'ip-address-one' in my example. So my server.xml ended up looking like this:
>>
>> <Server> 
>> <Service> 
>> <Connector port=8080 address="ip-address-one"... /> 
>> <Connector port=8443 address="ip-address-one" keystoreFile="tomcat.keystore" ... /> 
>> <Connector port=8080 address="ip-address-two"... /> 
>> <Connector port=8443 address="ip-address-two" keystoreFile="clientn.keystore" ... /> 
>> <Engine defaultHost="ip-address-one"> <Host name="ip-address-one"> </Host> 
>> </Engine>
>> </Service> </Server> 
>>
> 
> Does that actually work?
> 
> There are two connectors with the same port number, which shouldn't work.

EPIC FAIL.  Ignore me.


p

Re: [Solved] Two SSL certs. for same web app

[Pid <pi...@pidster.com>]

On 31/08/2011 08:24, Greg Johnson wrote:
> No, and you don't need to make any changes other than adding the extra <Connector>.  Traffic from both <Connector>s will be routed to the single <Engine> and <Host>.
>> Thanks for the advice, Chuck. I did end up needing to slightly change the Host and Engine declarations to point to 'ip-address-one' in my example. So my server.xml ended up looking like this:
> 
> <Server> 
> <Service> 
> <Connector port=8080 address="ip-address-one"... /> 
> <Connector port=8443 address="ip-address-one" keystoreFile="tomcat.keystore" ... /> 
> <Connector port=8080 address="ip-address-two"... /> 
> <Connector port=8443 address="ip-address-two" keystoreFile="clientn.keystore" ... /> 
> <Engine defaultHost="ip-address-one"> <Host name="ip-address-one"> </Host> 
> </Engine>
> </Service> </Server> 
> 

Does that actually work?

There are two connectors with the same port number, which shouldn't work.


p