top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

SSL: two certs for the same service depending on the address

0 votes
388 views

We need to migrate to new address. Some time we need to listen on 2 domains. Is there any way to have two certs for the same service depending on the address?

Currently my SSL config is this:

SSLEnabled="true"
maxThreads="150"
scheme="https"
secure="true"
SSLVerifyClient="none"
SSLProtocol="TLSv1+TLSv1.1+TLSv1.2"
ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA"
useServerCipherSuitesOrder="true"
SSLCertificateFile="d:/apache-tomcat8/conf/cert/n/cert.cert"
SSLCertificateKeyFile="d:/apache-tomcat8/conf/cert/n/key.key"
SSLCACertificateFile="d:/apache-tomcat8/conf/cert/n/cacerts.pem"
SSLPassword="XXXX"
unpackWARs="true" autoDeploy="true"
directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b"

Thank you for any help

posted Dec 12, 2016 by anonymous

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

1 Answer

0 votes

Yes (assuming you are on tomcat), but you need up be using Tomcat 8.5.x. It has support for TLS virtual hosting.

answer Dec 12, 2016 by Daler
Similar Questions
+1 vote

I am writing a simple tool that needs to read the serial number of a remote SSL certificate. I've poked around Google for a bit but can't find anything that fits the bill.

Is this possible in Python? If so, would someone point me in the general direction of how to do it?

0 votes

how to manage the secured connection error in HTTPS?

+2 votes

Does anyone knows how-to disable SSL v3 in older tomcat version, I have tried to variety solution including sslProtocols or sslEnabledProtocols but it both did not work well, the Firefox I am using to test is only select TLS 1 and result is that I were not able to access the site.

Below is the server information:

Server version: Apache Tomcat/6.0.18
Server built: Jul 22 2008 02:00:36
Server number: 6.0.18.0
OS Name: Windows 2003
OS Version: 5.2
Architecture: x86
JVM Version: 1.6.0-b105
JVM Vendor: Sun Microsystems Inc

+1 vote

I'm using apache 2.2 as front end and apache tomcat 6.0.37 as backend. I'm using mod_jk for connecting them.

The problem is. I'm using ssl certificates and configured ssl on apache. when I connect the site with https it works but when I click on an link it no more secure i.e. its not secure browsing anymore.

My requirement is as follows.

If user connects as https all the links should work as https. If the user connects as http all the links should work as http is such thing is possible?

0 votes

Following 2 vulnerabilities were detected in VA scan required for PCI compliance:

  1. SSL Weak Cipher Suites Supported
  2. SSL Medium Strength Cipher Suites Supported

I'm using CentOS 5.8 with open ssl version "openssl-0.9.8e-22.el5_8.4". Any idea how to get rid of this?

...