Maybe also to point out a side-effect of multiple connectors (and/or multiple tomcats) :
it also means that each site/application would need a different port number also.
Jamie wrote:
Hi Mark
Thanks for the clarification. Makes sense. Since ISP's are typically
cost sensitive, each instance should consume a minimal amount of
resources.. i.e. memory footprint, etc. Is there alot extra overhead in
the architecture you describe?
Jamie
On 2010/08/30 6:02 PM, Mark Thomas wrote:
On 30/08/2010 16:58, Jamie wrote:
Hi There
Our deployment of Tomcat has several web applications, each with their
own cert store. Each web app has a GUI for creating cert requests and
importing certs. we need to configure Tomcat's TLS capability such that
it will authenticate with each web application's certificate store. I
cannot see how to do this from the docs. It seems Tomcat only support
one cert store for all web applications. Furthermore, there doesn't
appear to be a way to specify a path that is relative to the web app
home directory. Any pointers / workarounds to the above would be most
appreciated.
Certificate stores are set per connector. It has to be this way since
the SSL connection needs to be established before the request can be
parsed and the correct host& context identified.
To do what you want to do sounds like you'll need one connector per
webapp which equates to one service + connector + engine + host per
web app.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
