Just for the ones reading this... it is possible only if each of your apache
virtual host has a unique ip address. If you use the same ip address for
several virtual hosts for a setup such as the one described here, things
won't work as expected.
This is an apache restriction.
So, I'm stuck.
Paul
Le Monday 01 September 2008 18:25:56 Paul, vous avez écrit :
> Ok, I did it using the right JK directives and worker properties described
> in ... the official documentation :)
>
> http://docs.sun.com/app/docs/doc/819-3672/gfaad?a=view
>
> This is working well with one apache virtual host.
>
> But, I have two gf-domains with different keystore/truststore attached to
> their respective https listeners.
>
> Next, I've set up two virtual hosts in apache using different
> certificates/keys and workers. Now if I use a p12 allowed on only one
> gf-domain in my browser, I can authenticate on both domains what glassfish
> do not permit when requested directly.
>
> What did I do wrong ?
>
> Thanks in advance
>
> Paul
>
> Le Monday 01 September 2008 15:18:51 Paul, vous avez écrit :
> > Hello,
> >
> > I have glassfish apps that use client cert authentication for
> > autorization purposes and I need to put them behind an apache instance.
> >
> > I managed to make simple SSL (with no client cert auth) work but I can't
> > manage to do SSL mutual auth through apache.
> >
> > Is it only possible ?
> >
> > I've googled a bit and found howtos about apache handling the ssl and
> > glassfish serving http only but none for such a setup.
> >
> > Thanks for reading and if you have any clues I'll be thankfull.
> >
> > Regards
> >
> > Paul
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net