Re: Can Tomcat support multiple SSL certificates for multiple domains?
Ooops, my fault! I've read and replied too fast (maybe because it's Monday? :-)) Of course this shouldn't be done with *two domain names* only with two host names in the same domain... I suppose it won't work in actual browsers but if it does I let you all know... Sorry Jan Hassan Schroeder schrieb: On Feb 11, 2008 5:00 AM, Jan Mönnich [EMAIL PROTECTED] wrote: You can get one certificate with both domain names in the Subject Alternative Name of the Certificate. All modern browsers can handle that and you can use just one Certificate for both domains. That's the workaround we are recommending to all of our customers. Have you actually seen this deployed? I ask because I've only seen Subject Alternative Name used as e.g. foo.example.com, bar.example.com -- never two *domain* names. If that really works, it'd be good to know :-) -- Dipl.-Inf. (FH) Jan Mönnich, PKI Team Phone: +49 40 808077-632, Fax: +49 40 808077-556, [EMAIL PROTECTED] DFN-CERT Services GmbH, https://www.dfn-cert.de, Phone +49 40 808077-555 Sitz / Register: Hamburg, AG Hamburg, HRB 88805, Ust-IdNr.: DE 232129737 Sachsenstraße 5, 20097 Hamburg/Germany, CEO: Dr. Klaus-Peter Kossakowski 15 Jahre DFN-CERT + 15. DFN-Workshop Sicherheit in vernetzten Systemen am 13./14. Februar 2008 im CCH Hamburg - https://www.dfn-cert.de/ws2008/ smime.p7s Description: S/MIME Cryptographic Signature
Re: Can Tomcat support multiple SSL certificates for multiple domains?
On Feb 11, 2008 5:00 AM, Jan Mönnich [EMAIL PROTECTED] wrote: You can get one certificate with both domain names in the Subject Alternative Name of the Certificate. All modern browsers can handle that and you can use just one Certificate for both domains. That's the workaround we are recommending to all of our customers. Have you actually seen this deployed? I ask because I've only seen Subject Alternative Name used as e.g. foo.example.com, bar.example.com -- never two *domain* names. If that really works, it'd be good to know :-) -- Hassan Schroeder [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Can Tomcat support multiple SSL certificates for multiple domains?
Hi, I have one JBoss instance (4.0.5GA) running on Linux. The machine has one IP with two domains. www.domain1.com www.domain2.com I have two SSL certificates, one for each domain, imported into keystore. I need to use both without any warnings from browser https://www.domain1.com https://www.domain2.com Can Tomcat pick the right certificate based on current domain name? But according to http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html keyAlias Add this element if your have more than one key in the KeyStore. If the element is not present the first key read in the KeyStore will be used. How to work around this? Thanks for help! Dave - Looking for last minute shopping deals? Find them fast with Yahoo! Search.
Re: Can Tomcat support multiple SSL certificates for multiple domains?
Dave wrote: Hi, I have one JBoss instance (4.0.5GA) running on Linux. The machine has one IP with two domains. www.domain1.com www.domain2.com I have two SSL certificates, one for each domain, imported into keystore. I need to use both without any warnings from browser https://www.domain1.com https://www.domain2.com Can Tomcat pick the right certificate based on current domain name? But according to http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html keyAlias Add this element if your have more than one key in the KeyStore. If the element is not present the first key read in the KeyStore will be used. How to work around this? Thanks for help! Dave Refer to the following link: http://marc.info/?l=tomcat-userm=120239893800741w=2 For additional info: http://marc.info/?l=tomcat-userw=2r=1s=sslq=b -- Regards Gabe Wong NGASI AppServer Manager JAVA AUTOMATION and SaaS Enablement a href=http://www.ngasi.comhttp://www.ngasi.com/a NEW! 8.0 - Centrally manage multiple physical servers - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
