Tomcat version: Apache Tomcat/9.0.24
JVM version: 11.0.9.1+1-Ubuntu-0ubuntu1.18.04
I have 2 domains being served by the Tomcat server.
I have a wildcard certificate for each one: *.abc.co.za and *.defx.co.za.
With the server.xml configuration below, only the *.defx.co.za certificate is ever produced, even though I queried the abc.co.za domain.
Swapping the connectors around produces the other certificate.
I do not seem to be able to produce different certificates for each different end-point visited!
Documentation does not seem to be good on this issue.
/opt/tomcat/conf/server.xml
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
           maxThreads="150" SSLEnabled="true" defaultSSLHostConfigName="defx.co.za">
    <SSLHostConfig HostName="defx.co.za">
        <Certificate certificateFile="conf/cert.pem"
                     certificateKeyFile="conf/privkey.pem"
                     certificateChainFile="conf/chain.pem" />
    </SSLHostConfig>
    <SSLHostConfig HostName="*.defx.co.za">
        <Certificate certificateFile="conf/cert.pem"
                     certificateKeyFile="conf/privkey.pem"
                     certificateChainFile="conf/chain.pem" />
    </SSLHostConfig>
</Connector>
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
           maxThreads="150" SSLEnabled="true" defaultSSLHostConfigName="abc.co.za">
    <SSLHostConfig HostName="abc.co.za">
        <Certificate certificateFile="conf/abc-cert.pem"
                     certificateKeyFile="conf/abc-privkey.pem"
                     certificateChainFile="conf/abc-chain.pem" />
    </SSLHostConfig>
    <SSLHostConfig HostName="*.abc.co.za">
        <Certificate certificateFile="conf/abc-cert.pem"
                     certificateKeyFile="conf/abc-privkey.pem"
                     certificateChainFile="conf/abc-chain.pem" />
    </SSLHostConfig>
</Connector>
Question from:
https://stackoverflow.com/questions/65886618/apache-tomcat-9-multi-domain-ssl-certs-fail-using-one-server
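Added example, not part of the original question or of Tomcat itself: a small lint that parses a server.xml and flags TLS connectors that share a port, because a port has a single listener and Tomcat selects the SNI certificate among the SSLHostConfig elements nested in one Connector. The function names and the trimmed sample XML are constructed for illustration; `_default_` is the documented default for an SSLHostConfig without a host name.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample: the question's layout reduced to the attributes that matter.
SAMPLE_SERVER_XML = """
<Service name="Catalina">
  <Connector port="8443" SSLEnabled="true" defaultSSLHostConfigName="defx.co.za">
    <SSLHostConfig HostName="defx.co.za"/>
    <SSLHostConfig HostName="*.defx.co.za"/>
  </Connector>
  <Connector port="8443" SSLEnabled="true" defaultSSLHostConfigName="abc.co.za">
    <SSLHostConfig HostName="abc.co.za"/>
    <SSLHostConfig HostName="*.abc.co.za"/>
  </Connector>
</Service>
"""

def attr(elem, name, default=None):
    """Case-insensitive attribute lookup (the question writes HostName)."""
    for key, value in elem.attrib.items():
        if key.lower() == name.lower():
            return value
    return default

def tls_connectors_by_port(xml_text):
    """Map port -> list of SNI host-name lists, one list per TLS Connector."""
    ports = defaultdict(list)
    for conn in ET.fromstring(xml_text).iter("Connector"):
        if attr(conn, "SSLEnabled", "false").lower() != "true":
            continue  # plain HTTP/AJP connectors carry no certificates
        hosts = [attr(h, "hostName", "_default_") for h in conn.iter("SSLHostConfig")]
        ports[attr(conn, "port")].append(hosts)
    return dict(ports)

def find_port_conflicts(xml_text):
    """Report every port that more than one TLS Connector tries to claim."""
    findings = []
    for port, connectors in sorted(tls_connectors_by_port(xml_text).items()):
        if len(connectors) > 1:
            later = [h for hosts in connectors[1:] for h in hosts]
            findings.append({"port": port, "connectors": len(connectors),
                             "hosts_in_later_connectors": later})
    return findings

if __name__ == "__main__":
    for f in find_port_conflicts(SAMPLE_SERVER_XML):
        print(f"port {f['port']}: {f['connectors']} TLS connectors; host names "
              f"declared outside the first one: {f['hosts_in_later_connectors']}")
```

A clean result means every SNI host name for a port sits in the same Connector, which is the layout SNI selection works on.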