> From: Dave [mailto:[EMAIL PROTECTED] > the > machine has one IP address. But there are two top-level > domains (not subdomains) mapping to the ip address. > > www.domain1.com > www.domain2.com > > I need to setup SSL. As far as I know, SSL certificate is > set up for one domain only. Using the different domains will > get a security warning from web browser. (domain name does not match) > > Can SSL certificate be ip address based? Or Tomcat support > SSL multiple domains(prevent warnings from browser)?
Tomcat can support multiple SSL domains. *But* there is a fundamental point about SSL: the secure connection is negotiated before the HTTP host header is sent. That means that _no web server, of any kind, can successfully host SSL for multiple domains on the same port on the same IP address_. You have two possible workarounds: - Get a second IP address assigned to the machine. This is often easier than it sounds. Map one domain to each IP address, and bind each of your two SSL connectors to one IP. At this point, everything Just Works for the user. - Run SSL for one domain on port 443, and for the other domain on a different port - say 8443. This gives a slightly messy user experience, as you have https://www.domain1.com but https://www.domain2.com:8443. This is a limitation of SSL; it is not Tomcat-specific. - Peter --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
