Search...
FAQs Subscribe
Pie
FAQs
Recent topics Flagged topics Hot topics Best topics
Search...
Search within Tomcat Search Coderanch
Advance search Google search
Register / Login
thread boost polymorphism granny book review grid advertise on coderanch
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
thread boost book review grid advertise on coderanch meaningless drivel building better world book
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Tomcat 6 always uses default host in multi-host config

 
Jeff Wild
Greenhorn
Posts: 2
posted 13 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
I have two IP-based virtual hosts configured in a standalone Tomcat server. Each host has its own SSL certificate and keystore. Tomcat appears to behave as if only the default host is defined. When I hit seconddomain.com, Tomcat serves the ROOT app for firstdomain.com and writes to firstdomain.com access log. When I try https://seconddomain.com, the domain is untrusted, which I suspect is because Tomcat is using the cert for firstdomain.

If I change the defaultHost value to seconddomain.com, the behavior flips and Tomcat serves the ROOT app for seconddomain.com when I try http://firstdomain.com.

AFAIK, the server.xml configuration below should work. Any clues as to what is wrong?

TIA

* Tomcat 6.0.26 (stand alone -- no Apache)
* Red Hat Enterprise 5 (Linux 2.6.18-164.15.1.el5 on x86_64)
* IP-based virtual hosting
* Tomcat running as daemon via JSVC
* server.xml:

break not thy word, for thy word is wind.<br /> --Shakespeare

 
Tim Holloway
Saloon Keeper
Posts: 27807
196
I like...
Android Eclipse IDE Tomcat Server Redhat Java Linux
posted 13 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator
There is a fundamental limitation of one cert per IP address, I believe. It's not even a Tomcat limitation, just a limitation on how certs work.

And it's a real pain.

The secret of how to be miserable is to constantly expect things are going to happen the way that they are "supposed" to happen.

You can have faith, which carries the understanding that you may be disappointed. Then there's being a willfully-blind idiot, which virtually guarantees it.

 
Jeff Wild
Greenhorn
Posts: 2
posted 13 years ago
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
    Send
  • Quote
  • Report post to moderator

The solution is to add an Alias element to the Host element:

<Host ...>
...
<Alias>1.2.3.4</Alias>
...
</Host>

where 1.2.3.4 is the private IP address specified in the corresponding Connector

break not thy word, for thy word is wind.<br /> --Shakespeare

 
Did you see how Paul cut 87% off of his electric heat bill with 82 watts of micro heaters?
reply
reply
    Bookmark Topic Watch Topic
  • New Topic
Boost this thread!
Similar Threads
More...