Java Mailing List Archive

http://www.junlu.com/

Home » Home (12/2007) » Apache Tomcat »

problems with IP based virtual hosting with multiple SSL certificates and APR

Przemyslaw Ceglowski

2007-07-18

Replies:

Dear Users,

I have been fighting with it for good few weeks now and I cannot manage to
make it work myself so any help would be appreciated.

With the below setup, only www.domain1.com works fine by HTTPS. I can reach
the content of the others by HTTP but HTTPS is giving me 404 for all of
them.

There are no errors in Catalina.out.

Regards,
Przemek

# netstat -ntl
Tcp     0 0       192.168.86.104:443     0.0.0.0:*  LISTEN
Tcp     0 0       192.168.86.103:443     0.0.0.0:*  LISTEN
Tcp     0 0       192.168.86.74:443      0.0.0.0:*  LISTEN
Tcp     0 0       192.168.86.73:443      0.0.0.0:*  LISTEN
Tcp     0 0       192.168.86.72:443      0.0.0.0:*  LISTEN
Tcp     0 0       192.168.86.71:443      0.0.0.0:*  LISTEN
Tcp     0 0       ::ffff:127.0.0.1:8005   :::*     LISTEN
Tcp     0 0       :::80              :::*     LISTEN


OS: Fedora Core 6
Software versions:
Apache Tomcat Version 6.0.10
Java(TM) SE Runtime Environment (build 1.6.0-b105)
tomcat-native-1.1.8
apr-1.2.9


========================================================================
server.xml
========================================================================

<Server port="8005" shutdown="0fbb9aebcbfbef203eca71b6be367859">

<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="on" />
<Listener className="org.apache.catalina.core.JasperListener" />
<Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" />
<Listener
className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />

<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container"
      type="org.apache.catalina.UserDatabase"
      description="User database that can be updated and saved"
      factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
      pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>

<Service name="Catalina">

<Connector port="80" protocol="HTTP/1.1"
      maxThreads="150"
      connectionTimeout="20000"
      redirectPort="443" />

<Connector debug="5" port="443" address="192.168.86.71" protocol="HTTP/1.1"
      acceptCount="100" clientAuth="false" disableUploadTimeout="true"
enableLookups="false"
      maxSpareThreads="75" maxThreads="150" minSpareThreads="25"
      SSLEnabled="true" SSLProtocol="TLS" secure="true" scheme="https"
useIPVHosts="true"
      SSLCertificateFile="${catalina.base}/ssl/www.domain1.com.crt"
      SSLCertificateKeyFile="${catalina.base}/ssl/www.domain1.com.key"
/>

<Connector debug="5" port="443" address="192.168.86.72" protocol="HTTP/1.1"
      acceptCount="100" clientAuth="false" disableUploadTimeout="true"
enableLookups="false"
      maxSpareThreads="75" maxThreads="150" minSpareThreads="25"
      SSLEnabled="true" SSLProtocol="TLS" secure="true" scheme="https"
useIPVHosts="true"
      SSLCertificateFile="${catalina.base}/ssl/www.domain2.com.crt"
      SSLCertificateKeyFile="${catalina.base}/ssl/www.domain2.com.key"
/>

<Connector debug="5" port="443" address="192.168.86.73" protocol="HTTP/1.1"
      acceptCount="100" clientAuth="false" disableUploadTimeout="true"
enableLookups="false"
      maxSpareThreads="75" maxThreads="150" minSpareThreads="25"
      SSLEnabled="true" SSLProtocol="TLS" secure="true" scheme="https"
useIPVHosts="true"
      SSLCertificateFile="${catalina.base}/ssl/www.domain3.com.crt"
      SSLCertificateKeyFile="${catalina.base}/ssl/ www.domain3.com.key"
/>

<Connector debug="5" port="443" address="212.78.86.74" protocol="HTTP/1.1"
      acceptCount="100" clientAuth="false" disableUploadTimeout="true"
enableLookups="false"
      maxSpareThreads="75" maxThreads="150" minSpareThreads="25"
      SSLEnabled="true" SSLProtocol="TLS" secure="true" scheme="https"
useIPVHosts="true"
      SSLCertificateFile="${catalina.base}/ssl/www.domain4.com.crt"
      SSLCertificateKeyFile="${catalina.base}/ssl/www.domain4.com.key"
/>

<Connector debug="5" port="443" address="192.168.86.103" protocol="HTTP/1.1"
      acceptCount="100" clientAuth="false" disableUploadTimeout="true"
enableLookups="false"
      maxSpareThreads="75" maxThreads="150" minSpareThreads="25"
      SSLEnabled="true" SSLProtocol="TLS" secure="true" scheme="https"
useIPVHosts="true"
      SSLCertificateFile="${catalina.base}/ssl/www.domain5.com.crt"
      SSLCertificateKeyFile="${catalina.base}/ssl/www.domain5.com.key"
/>

<Connector debug="5" port="443" address="192.168.86.104" protocol="HTTP/1.1"
      acceptCount="100" clientAuth="false" disableUploadTimeout="true"
enableLookups="false"
      maxSpareThreads="75" maxThreads="150" minSpareThreads="25"
      SSLEnabled="true" SSLProtocol="TLS" secure="true" scheme="https"
useIPVHosts="true"
      SSLCertificateFile="${catalina.base}/ssl/www.domain6.com.crt"
      SSLCertificateKeyFile="${catalina.base}/ssl/www.domain6.com.key"
/>

<Engine name="Catalina" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
        resourceName="UserDatabase"/>

<Host name="localhost" appBase="webapps"
   unpackWARs="true" autoDeploy="true"
   xmlValidation="false" xmlNamespaceAware="false">
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs"
    prefix="localhost_access_log." suffix=".txt" pattern="common"
resolveHosts="false"/>
</Host>

<Host name="www.domain1.com" debug="5"
   appBase="/usr/local/tomcat/webapps/www.domain1.com/"
   unpackWARs="true" autoDeploy="true">
<Context path="" docBase="" debug="1"/>
<Valve className="org.apache.catalina.valves.AccessLogValve"
    directory="logs" prefix="www.domain1.com_access."
    suffix=".log" pattern="common" resolveHosts="false"/>
</Host>

<Host name="www.domain2.com" debug="5"
   appBase="/usr/local/tomcat/webapps/www.domain2.com/"
   unpackWARs="true" autoDeploy="true">
<Context path="" docBase="" debug="1"/>
<Valve className="org.apache.catalina.valves.AccessLogValve"
    directory="logs" prefix="www.domain2.com_access."
    suffix=".log" pattern="common" resolveHosts="false"/>
</Host>

<Host name="www.domain3.com" debug="5"
   appBase="/usr/local/tomcat/webapps/www.domain3.com/"
   unpackWARs="true" autoDeploy="true">
<Context path="" docBase="" debug="1"/>
<Valve className="org.apache.catalina.valves.AccessLogValve"
    directory="logs" prefix="www.domain3.com_access."
    suffix=".log" pattern="common" resolveHosts="false"/>
</Host>

<Host name="www.domain4.com" debug="5"
   appBase="/usr/local/tomcat/webapps/www.domain4.com/"
   unpackWARs="true" autoDeploy="true">
<Context path="" docBase="" debug="1"/>
<Valve className="org.apache.catalina.valves.AccessLogValve"
    directory="logs" prefix="www.domain4.com_access."
    suffix=".log" pattern="common" resolveHosts="false"/>
</Host>

<Host name="www.domain5.com" debug="5"
   appBase="/usr/local/tomcat/webapps/www.domain5.com/"
   unpackWARs="true" autoDeploy="true">
<Context path="" docBase="" debug="1"/>
<Valve className="org.apache.catalina.valves.AccessLogValve"
    directory="logs" prefix="www.domain5.com_access."
    suffix=".log" pattern="common" resolveHosts="false"/>
</Host>

<Host name="www.domain6.com" debug="5"
   appBase="/usr/local/tomcat/webapps/www.domain6.com/"
   unpackWARs="true" autoDeploy="true">
<Context path="" docBase="" debug="1"/>
<Valve className="org.apache.catalina.valves.AccessLogValve"
    directory="logs" prefix="www.domain6.com_access."
    suffix=".log" pattern="common" resolveHosts="false"/>
</Host>

</Engine>
</Service>
</Server>
===================================================================


---------------------------------------------------------------------
To start a new topic, e-mail: users@(protected)
To unsubscribe, e-mail: users-unsubscribe@(protected)
For additional commands, e-mail: users-help@(protected)

©2008 junlu.com - Jax Systems, LLC, U.S.A.