Avatar of Bbouch
BbouchFlag for United States of America asked on

Help on configuring multiple Virtual Hosts on the same servers using SSL certificates

I'm running into an issue trying to configure multiple applications on the same physical boxes to be accessed through an SSL connection (https) and could use some fairly detailed help on how to

The issue I am running into is this:

ApplicationA is a web application accessed through a Load Balanced address of https://mw-applicationa-lb.  The load balancer sends traffic to an IHS webserver running on either server1 or server2 (the app is horizontally clustered)  IHS, using the WAS plugin, redirects to the appropriate cluster in WebSphere Application Server (IHS, plugin and AppServer are all on the same server.. server1 and server2)

This basic configuration we have working...

The issue is when we add a 2nd application, ApplicationB in another cluster, responding to a different load balanced address, https://mw-applicationb-lb.

When a user tries to access the second application, they get a pop-up/warning that the certificate is invalid, because they are going to https://mw-applicationb-lb, but the certificate was issued to mw-applicationa-lb  We had thought we could add another certificate to the server for each virtual host, but it doesn't seem to be working.

I'm sure this is a fairly common configuration, but we haven't been able to get rid of this warning.  Anyone have thoughts on what we may be doing wrong?  I'm terribly inexperienced with SSL configurations, so please explain in some detail if you could.

If I need to provide more information, let me know

TIA,
 Brian
Java App Servers

Avatar of undefined
Last Comment
AdminRAM

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
AdminRAM

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER
Bbouch

Thanks AdminRam. I thought I had read this somewhere, but I wanted to verify I wasn't crazy.  Since we're talking about a few hundred potential addresses, I think we'll reconsider our strategy and go with more generic addresses.
AdminRAM

Thank you very much for grade and points

Have a good day
AdminRam
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck