On Mon, Apr 30, 2012 at 9:12 PM, Mark Eggers <its_toas...@yahoo.com> wrote: > ----- Original Message ----- > >> From: Reka Thirunavukkarasu <rthirunavukkaras...@gmail.com> >> To: Tomcat Users List <users@tomcat.apache.org> >> Cc: >> Sent: Monday, April 30, 2012 4:19 AM >> Subject: Re: SNI (Server Name Indication) supports in Tomcat (7.0.27) >> >>T hanks. I could see all the clarifications there. >> >> Reka >> >> On Mon, Apr 30, 2012 at 2:34 PM, Mark Thomas <ma...@apache.org> wrote: >>> On 30/04/2012 09:58, Reka Thirunavukkarasu wrote: >>>> Can you please provide any material >>>> to got through to support SNI? >>> >>> http://tomcat.markmail.org/thread/q6d5czzlgih3r2ys >>> >>> Mark > > > Reka, > > Another wrinkle, but I've not tried this with Tomcat . . . > > You could look at a SAN cert. I'm currently using a SAN cert in Apache HTTPD > with named virtual hosts and SSL. The configuration check complains, but that > complaint is apparently a bug since the actual feature is supported. > > I don't know what the performance impact would be with many hosts. I also > don't know how this would work since you let your users choose virtual host > names. The SAN cert would have to be updated for each host name, which might > also be an issue for you.
Since we are dynamically handling the hosts, SAN is again an issue. The eventual approach is using wild card for the host names to overcome the issues with other approaches. Since we are using java 6, using SNI at the moment is not much stable for us. > > . . . . just my two cents. > /mde/ > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > Reka. -- Regards, Reka :) --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
