Re: SSL connectors

2017-12-06 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 John, On 12/6/17 7:32 AM, Johan Compagner wrote: > On 1 December 2017 at 16:44, Mark Thomas wrote: > >> On 01/12/17 14:57, Chris Cheshire wrote: >>> I see in the changelog for 8.5.24 >>> >>> 60762: Add the ability to make

Re: SSL connectors

2017-12-06 Thread Johan Compagner
On 1 December 2017 at 16:44, Mark Thomas wrote: > On 01/12/17 14:57, Chris Cheshire wrote: > > I see in the changelog for 8.5.24 > > > > 60762: Add the ability to make changes to the TLS configuration of a > > connector at runtime without having to restart the Connector.

Re: SSL connectors

2017-12-06 Thread Mark Thomas
On 06/12/17 01:06, George S. wrote: > > > On 12/1/2017 8:44 AM, Mark Thomas wrote: >> On 01/12/17 14:57, Chris Cheshire wrote: >>> I see in the changelog for 8.5.24 >>> >>> 60762: Add the ability to make changes to the TLS configuration of a >>> connector at runtime without having to restart the

Re: SSL connectors

2017-12-05 Thread George S.
On 12/1/2017 8:44 AM, Mark Thomas wrote: On 01/12/17 14:57, Chris Cheshire wrote: I see in the changelog for 8.5.24 60762: Add the ability to make changes to the TLS configuration of a connector at runtime without having to restart the Connector. (markt) What strikes me as odd is that SSL

Re: SSL connectors

2017-12-01 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 12/1/17 10:44 AM, Mark Thomas wrote: > On 01/12/17 14:57, Chris Cheshire wrote: >> I see in the changelog for 8.5.24 >> >> 60762: Add the ability to make changes to the TLS configuration >> of a connector at runtime without having to

Re: SSL connectors

2017-12-01 Thread Mark Thomas
On 01/12/17 14:57, Chris Cheshire wrote: > I see in the changelog for 8.5.24 > > 60762: Add the ability to make changes to the TLS configuration of a > connector at runtime without having to restart the Connector. (markt) > > Does this mean we can now update SSL certificates without bouncing the

SSL connectors

2017-12-01 Thread Chris Cheshire
I see in the changelog for 8.5.24 60762: Add the ability to make changes to the TLS configuration of a connector at runtime without having to restart the Connector. (markt) Does this mean we can now update SSL certificates without bouncing the connector?

Re: Is it possible to configure 2 SSL connectors on one Tomcat instance?

2011-03-11 Thread Nikko Nikko
Thanks for the detailed answers. I should find another solution. Nikko. 2011/3/9 Ognjen Blagojevic ognjen.d.blagoje...@gmail.com Nikko, On 9.3.2011 8:26, Nikko Nikko wrote: Thanks for the answers! I have one IP and wildcard certificate which I signed using local CA. I want to have

Re: Is it possible to configure 2 SSL connectors on one Tomcat instance?

2011-03-11 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Nikko, On 3/9/2011 2:26 AM, Nikko Nikko wrote: Thanks for the answers! I have one IP and wildcard certificate which I signed using local CA. I want to have different trust stores for client certificate authorization. It is a small PoC/demo and I

Re: Is it possible to configure 2 SSL connectors on one Tomcat instance?

2011-03-09 Thread Ognjen Blagojevic
Nikko, On 9.3.2011 8:26, Nikko Nikko wrote: Thanks for the answers! I have one IP and wildcard certificate which I signed using local CA. I want to have different trust stores for client certificate authorization. It is a small PoC/demo and I do not have 2 IP-s. The example above is using 2

Is it possible to configure 2 SSL connectors on one Tomcat instance?

2011-03-08 Thread Nikko Nikko
Hi, Is It possible to define 2 SSL connectors for 2 different virtual domain domains? For example I want to define 2 virtual hosts: “host1.myhost.com” and “host2.myhost.com” and want to have different trust store for each of them. I want to run them in one and the same Tomcat instance

Re: Is it possible to configure 2 SSL connectors on one Tomcat instance?

2011-03-08 Thread Borut Hadžialić
,   Is It possible to define 2 SSL connectors for 2 different virtual domain domains? For example I want to define 2 virtual hosts:  “host1.myhost.com” and “host2.myhost.com” and want to have different trust store  for each of them. I want to run them in one and the same Tomcat instance. Best regards

Re: Is it possible to configure 2 SSL connectors on one Tomcat instance?

2011-03-08 Thread Ognjen Blagojevic
On 8.3.2011 13:57, Nikko Nikko wrote: Is It possible to define 2 SSL connectors for 2 different virtual domain domains? For example I want to define 2 virtual hosts: “host1.myhost.com” and “host2.myhost.com” and want to have different trust store for each of them. I want to run them in one

AW: Is it possible to configure 2 SSL connectors on one Tomcat instance?

2011-03-08 Thread Steffen Heil
Hi If you have only 1 ip address then you might have a problem. The problem with name based virtual hosts under https/ssl is that ssl handshake (which involves server sending a certificate for some domain) happens after tcp/ip connection is established - before the HOST part of the http

Re: Is it possible to configure 2 SSL connectors on one Tomcat instance?

2011-03-08 Thread Ognjen Blagojevic
On 8.3.2011 14:51, Borut Hadžialić wrote: Maybe if your domains are really similar to host1.myhost.com and host2.myhost.com you could use a wildcard certificate (*.myhost.com) or if you are using a self-signed certificate and want just https encryption and not server verification - then you

Re: Is it possible to configure 2 SSL connectors on one Tomcat instance?

2011-03-08 Thread Nikko Nikko
Hi, Thanks for the answers! I have one IP and wildcard certificate which I signed using local CA. I want to have different trust stores for client certificate authorization. It is a small PoC/demo and I do not have 2 IP-s. The example above is using 2 IP-s and I did not get how to create