Good Morning Richard david is right each keystore is bound to one certificate each cert will work on only one IP, one domain and one set of credentials (the same credentials used for the keystore)
you may want to consider domain2 aliasing (to the working SSL connector on domain1) ..your hosting provider can help e.g. http://support.hostgator.com/articles/plesk/how-to-setup-a-domain-alias-windows-dedicated HTH Martin Gainty ______________________________________________ Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen. Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni. > Date: Tue, 9 Mar 2010 08:38:40 -0500 > From: d...@cornell.edu > To: users@tomcat.apache.org > Subject: Re: Multiple SSL certificates on same server > > On 3/8/2010 6:46 PM, Richard Huntrods wrote: > > Does anyone know if it is possible, or has anyone done this: > > > > I have two applications running on a single server. The applications > > use different domains and URLs, so the single Tomcat instance can > > easily tell them apart. (Note: this part is currently working just fine). > > > > https://domain1/application1 > > https://domain2/application2 > > > > Again, both domains point to the same static IP, and yes, it is > > possible for someone to access either application from either domain. > > Normally, that is not an issue with the clients. > > > > However, I currently have only one SSL certificate on the server - > > this is for domain1. So if you use domain1 to access application1, > > it's all fine. The security cert comes up green and all that. > > > > BUT - if you try and access application2 via domain2, you get the red > > security cert (wrong domain / server name). I would like to purchase a > > second certificate for the second domain, and am wondering if this can > > be done, and how one would tell Tomcat (in server.xml) to acknowledge > > the second certificate. > > > > Currently the stuff in server.xml looks like this: > > > > <Connector port="443" protocol="HTTP/1.1" SSLEnabled="true" > > maxThreads="150" enableLookups="false" scheme="https" > > secure="true" > > keystoreFile="./keys/.keystore" keystorePass="myPassword" > > clientAuth="false" sslProtocol="TLS" /> > > > > > > I have a bad feeling it's not possible, but wanted to ask anyway. > > > > Thanks in advance. > > > > -R > > Seems like you should be able to get another certificate and have two > Connector elements, each configured with a different ssl cert (diff. > keystore?). Each will also have to have an address attribute to bind it > to a specific IP. I've never actually ever messed with SSL on tomcat so > you may want to look at the tomcat docs and howtos on the subject. > > --David > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > _________________________________________________________________ Hotmail: Trusted email with powerful SPAM protection. http://clk.atdmt.com/GBL/go/201469227/direct/01/
