0

I have a server hosting multiple web applications using Tomcat 8.0, each one in its own virtual host, for example:

Virtual Host "a.example.com" points to https://example.com/a
Virtual Host "b.example.com" points to https://example.com/b

My question is: is there a way I could set up my multiple virtual hosts to use my single SSL certificate? Do I need Tomcat SNI support for that?

Kaj Risberg
  • Sure, you just need to have two subjectAlternativeNames in the certificate, one with `a.example.com` and one with `b.example.com`. Tomcat must support SNI as well. See [this answer](https://stackoverflow.com/a/20287941/238704). – President James K. Polk Nov 19 '18 at 17:13

1 Answer

1

In order to connect to a.example.com, you'll need a valid certificate for a.example.com. Same for any connection to b.example.com - and as I assume that SNI is ubiquitous by now, I don't know if the answer "yes" would require you to do something different than "no".

In the very special case that you use in your question, you can also work with wildcard certificates for *.example.com - ideally with an alternative name for example.com. It depends on the certification authority that you intend to use if it's available and how much you'll have to pay for it. Of course, if this was only an example, and the actual domain names are more diverse, it's no longer an option.

Just assume you need SNI - there's no problem using it.

Olaf Kock
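The certificate options mentioned in the comment and the answer (two explicit subjectAlternativeNames, a wildcard, a wildcard plus the bare domain) can be compared with a small hostname-matching check. This is an added example, not part of the original posts; the function names and the sample SAN lists are constructed for illustration, and the matcher is a simplified RFC 6125-style check that only handles a wildcard as the whole leftmost label.

```python
"""Which virtual hosts does one certificate cover? (added example)"""


def san_matches(hostname: str, pattern: str) -> bool:
    """Match a hostname against one dNSName SAN entry (RFC 6125 style).

    A wildcard is honoured only as the complete leftmost label and stands
    for exactly one label, so *.example.com covers a.example.com but
    neither example.com nor x.a.example.com.
    """
    host = hostname.lower().rstrip(".").split(".")
    pat = pattern.lower().rstrip(".").split(".")
    if len(host) != len(pat) or "" in host:
        return False
    if pat[0] == "*":
        # Require at least two labels after the wildcard, so "*.com" is refused.
        return len(pat) >= 3 and host[1:] == pat[1:]
    return host == pat


def uncovered(hosts, sans):
    """Return the virtual hosts that no SAN entry in the certificate covers."""
    return [h for h in hosts if not any(san_matches(h, s) for s in sans)]


# Constructed inputs: the hosts from the question plus the bare domain.
VHOSTS = ["a.example.com", "b.example.com", "example.com"]
CERTS = {
    "two explicit SANs": ["a.example.com", "b.example.com"],
    "wildcard only": ["*.example.com"],
    "wildcard plus apex SAN": ["*.example.com", "example.com"],
}

if __name__ == "__main__":
    for label, sans in CERTS.items():
        missing = uncovered(VHOSTS, sans)
        status = "all covered" if not missing else "missing " + ", ".join(missing)
        print(f"{label:24} -> {status}")
```

Only the third certificate covers all three names, which is why the answer suggests adding an alternative name for example.com to a wildcard certificate.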