On 10/08/2022 19:22, jonmcalexan...@wellsfargo.com.INVALID wrote:
Ok, I'm asking a rather simple, stupid (in my opinion) question, but here goes:
What is the best practice form of connector for SSL. Is it the old-school coyote
connector or the connector with the <SSLHostConfig...> section?
<SSLHostConfig...>
The old style isn't supported in Tomcat 10.0.x onwards.
Are the two interchangeable, or does the SSLHostConfig one rely on openssl and
won't work without it? The documentation is confusing me on a hump day
afternoon.
They are interchangeable. However, if you want to configure TLS virtual
hosting with SNI you'll need to use SSLHostConfig.
Both approaches can be used with JSSE and OpenSSL based TLS implementations.
Mark
Thanks,
Dream * Excel * Explore * Inspire
Jon McAlexander
Senior Infrastructure Engineer
Asst. Vice President
He/His
Middleware Product Engineering
Enterprise CIO | EAS | Middleware | Infrastructure Solutions
8080 Cobblestone Rd | Urbandale, IA 50322
MAC: F4469-010
Tel 515-988-2508 | Cell 515-988-2508
jonmcalexan...@wellsfargo.com<mailto:jonmcalexan...@wellsfargo.com>
This message may contain confidential and/or privileged information. If you are
not the addressee or authorized to receive this for the addressee, you must not
use, copy, disclose, or take any action based on this message or any
information herein. If you have received this message in error, please advise
the sender immediately by reply e-mail and delete this message. Thank you for
your cooperation.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
