Uma -
If you are really serious about using 1 SSL certificate for all your 
connections, you need to understand SSL much better than it appears you do at 
the moment.  Some things to note:
1) The Common Name of the SSL *must* match the name the user gives in the 
hostname portion of the URL he enters in his browser, or else the browser will 
complain.  It doesn't matter if the name is provided as an IP address or a 
normal string name.
2) The direness of the complaint is totally dependent on the browser and the 
version of said browser.
3) To have one certificate match multiple hostnames, you need a wildcard 
certificate, where the common name is like "*.domain.name".  Do tons of 
research before attempting.
4) Internet Explorer interprets wildcard names differently than other browsers, 
and the spec as far as I can tell.  Where host.domain.name will match the 
above, host.sub.domain.name will not.  IE is the only browser I've found that 
imposes this limitation. And I don't think you can do "*.*.domain.name" to get 
around it either.  Try posting to an SSL group to find someone more 
knowledgeable.
Jeff

-----Original Message-----
From: uma...@comcast.net [mailto:uma...@comcast.net] 
Sent: Wednesday, July 29, 2009 5:13 PM
To: Tomcat Users List
Subject: Re: IP-based virtual hosting with Tomcat(6)

Mark,

If I wanted to use the same SSL certificate for all virtual hosts
does it follow that 
....
Thanx,

/U
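
The wildcard behaviour described in point 4 above, as an added example that is not part of the original message or of Tomcat: a small matcher following the single-label wildcard rule of RFC 2818 section 3.1 and RFC 6125 section 6.4.3. The function names, the constructed host list and the refusal of wildcards with fewer than two labels after the "*" are assumptions of this sketch.

```python
import ipaddress

def _as_ip(value):
    """Return an ip_address object if value is an IP literal, else None."""
    try:
        return ipaddress.ip_address(value)
    except ValueError:
        return None

def name_matches(pattern, hostname):
    """True if a certificate name (pattern) covers the hostname from the URL."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    p_ip, h_ip = _as_ip(pattern), _as_ip(hostname)
    # IP literals are compared exactly; a wildcard never covers an address.
    if p_ip is not None or h_ip is not None:
        return p_ip is not None and p_ip == h_ip
    p_labels, h_labels = pattern.split("."), hostname.split(".")
    if "*" not in pattern:
        return p_labels == h_labels
    # Accept "*" only as the whole left-most label, so "*.*.domain.name"
    # and "h*.domain.name" are refused. Assumption of this sketch: at least
    # two labels must follow the "*", which also refuses "*.name".
    if p_labels[0] != "*" or "*" in "".join(p_labels[1:]) or len(p_labels) < 3:
        return False
    # "*" stands for exactly one non-empty label, never for "host.sub".
    return (len(h_labels) == len(p_labels)
            and h_labels[0] != ""
            and h_labels[1:] == p_labels[1:])

def covering_names(cert_names, hostnames):
    """Map each requested hostname to the certificate names that cover it."""
    return {h: [n for n in cert_names if name_matches(n, h)] for h in hostnames}

if __name__ == "__main__":
    # Constructed sample: one wildcard certificate and the names a user might type.
    cert_names = ["*.domain.name"]
    requested = ["host.domain.name", "host.sub.domain.name",
                 "domain.name", "192.0.2.10"]
    for host, names in covering_names(cert_names, requested).items():
        print(f"{host:24} {'covered by ' + names[0] if names else 'NOT covered'}")
```

Running it against the list of virtual host names you plan to serve shows which of them one wildcard certificate would leave uncovered before the certificate is purchased.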
