Re: Tomcat - Multiple sites and SSL

2016-01-15 Thread Olaf Kock
Please clarify your intent:

By default, tomcat has a /commented/ connector on 8443, which you can
configure You can activate as many connectors on as many ports
as you like. But if you have all applications on the same application
server anyways (and are using the same hostnames): Why bother?

This could be a question about SNI (Server Name Indication) to have
multiple domain names on a single IP (but you're mentioning only one
domain name).
This could also be a question about how to map tomcat's ports to 80 or,
in your case more likely 443.
Or it could be a question on how to set up https in general. Why do you
want to listen on several ports? Wouldn't you - in the end - want them
all to come in through https on the standard port?

Olaf

Am 15.01.2016 um 20:01 schrieb Jeff Jennings:
> I will have two applications running on my tomcat server
>
> Jira on port 8080 and confluence on port 8090
>
> I'm going to get an ssl cert for the server which I'll call something like
> test.mysite.com
>
> Once I get my ssl cert for test.mysite.com how do I go about setting up the
> configuration file for tomcat so that both sites can share the cert.
>
> I've been using regular apache for years and know how to do it with virtual
> hosts in httpd.conf and ssl.conf but tomcat is new to me.
>
> any pointers would be appreciated.
>
> I'm thinking I'd like to map 8080 to something like test.mysite.com/jira
> and 8090 to test.mysite.com/confluence
>
> but I'm open to all ideas.
>
> I see tomcat want to use port 8443 for ssl
>
> I have read this page:
> https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html but am unsure how
> to handle multiple apps on the same server that listen on different ports.
>
> thanks
>
> jeff
>



Re: Tomcat - Multiple sites and SSL

2016-01-15 Thread Ari Luoma
Hi,

Try following. I can't guarantee it works with Jira and Confluence but this
could work.

Set up the cert in Apache and create AJP proxies between Apache and Tomcats
(if running one Tomcat for jira and one for confluence). I have similar
setup with other applications.

-Ari

15.1.2016 21.02 "Jeff Jennings" wrote:
>
> I will have two applications running on my tomcat server
>
> Jira on port 8080 and confluence on port 8090
>
> I'm going to get an ssl cert for the server which I'll call something like
> test.mysite.com
>
> Once I get my ssl cert for test.mysite.com how do I go about setting up
the
> configuration file for tomcat so that both sites can share the cert.
>
> I've been using regular apache for years and know how to do it with
virtual
> hosts in httpd.conf and ssl.conf but tomcat is new to me.
>
> any pointers would be appreciated.
>
> I'm thinking I'd like to map 8080 to something like test.mysite.com/jira
> and 8090 to test.mysite.com/confluence
>
> but I'm open to all ideas.
>
> I see tomcat want to use port 8443 for ssl
>
> I have read this page:
> https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html but am unsure how
> to handle multiple apps on the same server that listen on different ports.
>
> thanks
>
> jeff


Re: Tomcat - Multiple sites and SSL

2016-01-15 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Jeff,

On 1/15/16 2:01 PM, Jeff Jennings wrote:
> I will have two applications running on my tomcat server
> 
> Jira on port 8080 and confluence on port 8090
> 
> I'm going to get an ssl cert for the server which I'll call
> something like test.mysite.com
> 
> Once I get my ssl cert for test.mysite.com how do I go about
> setting up the configuration file for tomcat so that both sites can
> share the cert.
> 
> I've been using regular apache for years and know how to do it with
> virtual hosts in httpd.conf and ssl.conf but tomcat is new to me.
> 
> any pointers would be appreciated.
> 
> I'm thinking I'd like to map 8080 to something like
> test.mysite.com/jira and 8090 to test.mysite.com/confluence
> 
> but I'm open to all ideas.
> 
> I see tomcat want to use port 8443 for ssl
> 
> I have read this page: 
> https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html but am
> unsure how to handle multiple apps on the same server that listen
> on different ports.

Although you can't use multiple Atlassian products in a single Tomcat
instance (boo!), the configuration would have been easy:

Just configure the same certificate on the connectors for both ports.
In fact, there's no reason to use separate ports for each application:
you can use a single connector with separately-named web applications
(e.g. /jira versus /other-product) or virtual hosting if both of them
must run as ROOT application (again, boo!).

- -chris
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlaZVnUACgkQ9CaO5/Lv0PCV1ACgsYlG6zPbZOvRVEf2U8Nwq6Ds
jgQAniOX3xsjsLk0r0XNx1aBkhS+uE8t
=HtjI
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



Re: Tomcat - Multiple sites and SSL

2016-01-15 Thread Jeff Jennings
Thanks - I understand your questionw. but unfortunately based on further
investigation I've discovered that I cannot run both of my apps on the same
server.


https://confluence.atlassian.com/jira/deploying-multiple-atlassian-applications-in-a-single-tomcat-container-218279138.html

On Fri, Jan 15, 2016 at 2:09 PM, Olaf Kock  wrote:

> Please clarify your intent:
>
> By default, tomcat has a /commented/ connector on 8443, which you can
> configure You can activate as many connectors on as many ports
> as you like. But if you have all applications on the same application
> server anyways (and are using the same hostnames): Why bother?
>
> This could be a question about SNI (Server Name Indication) to have
> multiple domain names on a single IP (but you're mentioning only one
> domain name).
> This could also be a question about how to map tomcat's ports to 80 or,
> in your case more likely 443.
> Or it could be a question on how to set up https in general. Why do you
> want to listen on several ports? Wouldn't you - in the end - want them
> all to come in through https on the standard port?
>
> Olaf
>
> Am 15.01.2016 um 20:01 schrieb Jeff Jennings:
> > I will have two applications running on my tomcat server
> >
> > Jira on port 8080 and confluence on port 8090
> >
> > I'm going to get an ssl cert for the server which I'll call something
> like
> > test.mysite.com
> >
> > Once I get my ssl cert for test.mysite.com how do I go about setting up
> the
> > configuration file for tomcat so that both sites can share the cert.
> >
> > I've been using regular apache for years and know how to do it with
> virtual
> > hosts in httpd.conf and ssl.conf but tomcat is new to me.
> >
> > any pointers would be appreciated.
> >
> > I'm thinking I'd like to map 8080 to something like test.mysite.com/jira
> > and 8090 to test.mysite.com/confluence
> >
> > but I'm open to all ideas.
> >
> > I see tomcat want to use port 8443 for ssl
> >
> > I have read this page:
> > https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html but am unsure
> how
> > to handle multiple apps on the same server that listen on different
> ports.
> >
> > thanks
> >
> > jeff
> >
>
>