Michael, I'm up to my eyeballs in SSL-problems using TC but maybe I can help. You have: https://host:443/ https://host:444/ This indicates that you have two _different_ applications and they do not share session content. To let them share session requires authentication mechanisms that is not likely to be a part of the current TC.
If they are one app I see no point in having two ports. But maybe you mean that you use http and https to the same app. That should work. At least if you step-up from http to https, it works for me at least. The other-way-round should be disabled by browsers for security reasons although IE don't care... Anders ----- Original Message ----- From: "Michael Welsh" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, March 13, 2002 14:37 Subject: Multiple SSL ports Greetings, I have a server running Apache 1.3.22 and Tomcat 3.3 on Solaris 8. Up until now my Tomcat configuration included just one webapp and it used the standard port 443 for SSL (through Apache). That all works really well. Now I am trying to integrate a second webapp, and therefore a second context that will use a different SSL certificate. This is no problem for all http requests since they all use port 80, but https ports are a different story. Since 443 is already used for the first context, I am forced to use a different port for the second, and to include it in my URL (i.e. https://www.xxx.com:444/). That too works fine now that I got it set up correctly in my Apache configuration file. So here's the problem: The client will surf through the site and collect his set of session objects (cart, etc.), but when it comes to to activate the SSL, Tomcat seems to look at that URL as if it were a new user, therefore assigning it a new session. The client looses his cart. Any ideas of how I can make Tomcat not pay attention to the port for the server information? any help would be a blessing Michael Welsh -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]> -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
