Hi, Thanks for the answers! I have one IP and wildcard certificate which I signed using local CA. I want to have different trust stores for client certificate authorization. It is a small PoC/demo and I do not have 2 IP-s.
The example above is using 2 IP-s and I did not get how to create configuration with same Ip and port but different virtual hosts. Do you have example or just a hint how to configure it ? Regards, Nikko. 2011/3/9 Ognjen Blagojevic <ognjen.d.blagoje...@gmail.com> > On 8.3.2011 14:51, Borut Hadžialić wrote: > >> Maybe if your domains are really similar to host1.myhost.com and >> host2.myhost.com you could use a wildcard certificate (*.myhost.com) >> or if you are using a self-signed certificate and want just https >> encryption and not server verification - then you could use 1 Tomcat >> connector. >> > > Other than wildcard certificates one might also use SAN or SNI if there is > one IP address. They are both briefly explained here [1]. > > SAN is supported in Java 7 keytool (available as early access), and on most > browsers. > > I am not sure about server-side SNI, but it is not 100% supported on > browsers [2]. Oddly, Wikipedia article states that Apache Tomcat supports > SNI, but I cannot find any such reference in the docs. > > -Ognjen > > [1] http://redmine.lighttpd.net/wiki/1/Docs:SSL#SSL-on-multiple-domains > [2] http://en.wikipedia.org/wiki/Server_Name_Indication#Support > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
