Solved

ssl subdomains in tomcat?

Posted on 2012-03-12
4
884 Views
Last Modified: 2012-04-10
I have say

https://sub1.domain.com 
https://sub2.domain.com 

The ssl cert is a wildcard cert.  Do I have to use IP based hosting in tomcat or can I use name-based hosting?
0
Comment
Question by:casit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 11

Expert Comment

by:rowansmith
ID: 37712907
You can use name based hosting.  The Server will always return the same certificate no matter what domain the user is going too.  So long as the certificate matches the domain which the user is destined for the user will not get a certificate mismatch error.
0
 

Author Comment

by:casit
ID: 37713029
How would I set that up in the config file?  I haven't had to configure tomcat alot.
0
 
LVL 11

Accepted Solution

by:
rowansmith earned 500 total points
ID: 37713126
Create an SSL connector that uses the Wildcard Certificate.  Then create Virtual Hosts that are bound to that connector.

<Server port="8005" shutdown="SHUTDOWN" debug="0">
  <Service name="Tomcat-Standalone">
    <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
			port="8080" minProcessors="5" maxProcessors="75"
			enableLookups="true" redirectPort="8443"/>
    <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
			port="8443" minProcessors="5" maxProcessors="75"
			acceptCount="10" debug="0" scheme="https" secure="true"/>
      <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
			clientAuth="false" protocol="TLS" />
    </Connector>
    <Engine name="Standalone" defaultHost="localhost" debug="0">
      <!-- This Host is the default Host -->
      <Host name="localhost" debug="0" appBase="webapps"
	      unpackWARs="true" autoDeploy="true">
        <Context path="" docBase="ROOT" debug="0"/>
        <Context path="/orders" docBase="/home/ian/orders" debug="0"
                       reloadable="true" crossContext="true">
        </Context>
      </Host>

      <!-- This Host is the first "Virtual Host": www.example.com -->
      <Host name="www.example.com" appBase="/home/example/webapp">
        <Context path="" docBase="."/>
      </Host>

    </Engine>
  </Service>
</Server>

Open in new window


You'll find a good description of it all here.  Effectively it is exactly the same as creating a Virtual Host setup without SSL.  All you are doing is adding SSL to the Connector which the Host entries are bound too.
0
 

Author Comment

by:casit
ID: 37830801
How would I make SSL listen on port 443 and forward all traffic on port 80 to the appropriate virtual host on 443?
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most ColdFusion developers get confused between the CFSet, Duplicate, and Structcopy methods of copying a Structure, especially which one to use when. This Article will explain the differences in the approaches with examples; therefore, after readin…
What You Need to Know when Searching for a Webhost Provider
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…
Suggested Courses

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question