0

We have a single tomcat instance hosting our application. We recently changed domains and wanted to redirect users to the new domain.

By using the Tuckey URL rewrite filter, I can redirect requests from one domain to the other. However, I experience SSL name errors which results in the browser to hit the brakes before performing the 301.

How can I configure tomcat to issue the correct SSL certificate whenever the specific domain is requested?

BTW, ideally I want to proxy with Apache, but there is some additional testing I want to do.

John Giotta
  • 127
  • 2
  • 9
  • This question has already been asked and answered on StackOverflow: http://stackoverflow.com/questions/20190464/howto-setup-tomcat-serving-two-ssl-certificates-using-sni – Mike Scott Oct 22 '16 at 15:00
  • @MikeScott no, it really doesn't. This tomcat 6 I'm dealing with. The link you provided goes into using tomcat 8 and then tomcat 9. Nor am I looking to add SNI support. – John Giotta Oct 22 '16 at 17:00

1 Answers1

0

1) Without SNI support you'll need a second IP Address and point your old domain to the second IP. If you are only going to 301 them to a new domain you don't need tomcat, just a web server, the Cert and a 301 response with the new domain.

2) Continue with the configuration you have and replace your single domain certificate with a UCC multi-domain cert and add the old domain as SANS (subject alternative names)

Jacob Evans
  • 7,636
  • 3
  • 25
  • 55
  • I thought this was going to be the case. I'll work towards a date for apache as proxy. Too bad really... – John Giotta Oct 22 '16 at 22:00
  • If you are only using a proxy I'd suggest either nginx or haproxy, apache is a little fat for the task if you ask me. Also, Letsencrypt supports SANS if cost is a concern. – Jacob Evans Oct 22 '16 at 22:35