> In 5.5.9 you can put all your certificates in one
> keystore ...
> I suggest you don't proliferate keystores unless you
> really have to...
Why? It seems far more manageable to me having them separate...
Mmm... i don't agree. Only a keystore, only a location for it, only
one password. I like
On 8/25/06, Paul Singleton <[EMAIL PROTECTED]> wrote:
In 5.5.9 you can put all your certificates in one
keystore ...
I suggest you don't proliferate keystores unless you
really have to...
Why? It seems far more manageable to me having them separate...
--
Hassan Schroeder -
Hassan Schroeder wrote:
On 8/25/06, teknokrat <[EMAIL PROTECTED]> wrote:
So lets see if i understand this correctly. I can only have multiple SSL
certificates if I create different Services in server.xml pointing to
different ports?
No, you don't need different Services; you need a Connec
On 8/25/06, teknokrat <[EMAIL PROTECTED]> wrote:
So lets see if i understand this correctly. I can only have multiple SSL
certificates if I create different Services in server.xml pointing to
different ports?
No, you don't need different Services; you need a Connector and
associated keystore p
Peter is correct - I was just being a bit lazy in my answer...
The ssl connection is setup BEFORE any 'hostname' information is
passed over the link, and therefore the server would not know 'which'
virtual hostname's ssl certificate to use.
Therefore - 1 certificate per IP Address/ Port co
Peter Crowther wrote:
From: Andrés González [mailto:[EMAIL PROTECTED]
I mean, what are you saying? That tomcat can only have 1 ssl
certificate per IP address, or that it is a "general" limitation of
the architecture of SSL certificates.
It is a general limitation of SSL. To be strict: you can
> From: Andrés González [mailto:[EMAIL PROTECTED]
> I mean, what are you saying? That tomcat can only have 1 ssl
> certificate per IP address, or that it is a "general" limitation of
> the architecture of SSL certificates.
It is a general limitation of SSL. To be strict: you can only have one
c
You can set 1 ssl certificate for each port over the same ip.
ie:
https://domain1.com/ takes default ssl port 443 and one cert.
https://domain2.com:10443/ takes another cert.
etc...
So you must listen ssl conexion on each port that you need
And take a look at http://wiki.cacert.org/wiki/VhostTas
Andrew (hi namesake :)): are you sure of that?
I mean, what are you saying? That tomcat can only have 1 ssl
certificate per IP address, or that it is a "general" limitation of
the architecture of SSL certificates.
As far as i know hoy can have one ssl certificate per domain, and so
more than one
You can only have 1 ssl certificate per IP address
Andrew
On 25/08/2006, at 11:09 AM, teknokrat wrote:
I am trying to set up tomcat with multiple virtual hosts, each with
their own SSL certificate. Is this possible? Do I add each
certificate to the main keystore as per one host?
-
10 matches
Mail list logo
