Paul wrote:
>Hi,
>
>I'm trying to setup a glassfish install with several virtual servers.
>Each of theses virtual server should have it's own keypair for SSL. I found
>how to bind a httplistener to a keypair alias.
>Now I face the following problem : all virtual server uses the same cacert, so
>they all trust the same certificates. I would like to have client
>certificates that could authenticate agains one virtual server but not the
>others.
>
>So, is there a way to bind a https listener to a given cacert ?
>
>
Here, you meant:
So, is there a way to bind a virtual server to a given cacert?
right?
The answer is: no, SSL credentials may be assigned only to HTTP
listeners, and not to virtual servers.
However, if you create a 1-to-1 mapping between virtual servers
and HTTP listeners, you would in effect be assigning SSL credentials
to virtual servers, which is what you want.
Jan