Configure multiple keystores in JBoss depending on requested hostname

By : Mo.
Source: Stackoverflow.com
Question!

I have my J2EE application deployed into a JBossAS. My Application has to respond to two different hostnames (https://foo.com/myApp and https://bar.com/myApp). It is the same instance of the app serving those two hostnames.

But I don't know how to configure the keystores. I need different keystores for each hostname. Is there a way to tie a virtual host in JBoss' server.xml to a specific connector?

Or do I have to use two different IP-addresses and create a connector for each?

A solution that does not require a second IP-address would be greatly appreciated.

By : Mo.


Answers

With SSL you have to use two different I.P. addresses if you wish to use different SSL certificates. This isn't a shortcoming in Tomcat/JBoss, it is just the reality of the protocol.

I can't remember the technical reason off the top of my head (Google knows), but it comes down to the server not being able to read the domain name until it has decoded the incoming SSL request.

To use two different keystores you will need to define two different connectors (using different I.P. addresses or ports) in the jbossweb-tomcat55.sar/server.xml file. This will get your SSL certificates working, but if you only have one I.P. your second certificate will need to be setup on a non-standard port.



You should check out "patterns & practices: Composite WPF and Silverlight"

http://www.codeplex.com/CompositeWPF/Wiki/View.aspx?title=Home

It has quick starts with WPF/Silvelight versions of the same app in one solution. Also a "Project Linker" that updates the source of your WPF app when you change Silverlight code (or vice versa) using linking. It can be overridden when you have version specific code.

The examples are still a little rough around the edges but it may give you an idea of how to go about your project.

HTH

By : Mark


This video can help you solving your question :)
By: admin