Virtual hosts
Virtual hosts enable PingAccess to protect multiple application domains and hosts.
A virtual host is defined by the host name and host port.
A wildcard (*
) can be used either to define either any host, such as *:443
, or any host within a domain, such as *.example.com
. If a request matches more than one virtual host, the most specific match is used.
Prior to availability of server name indication (SNI) in Java 8, an HTTPS port could only present a single certificate. To handle multiple virtual hosts, you must use a wildcard name certificate or the Subject Alternative Name (SAN) extension. With SNI available, virtual hosts can present different certificates on a single HTTPS port. You can assign which certificates (key pairs) are used by which virtual host from the HTTPS Listeners window. |
The Agent Resource Cache TTL advanced field is used to control PingAccess agent resources for each virtual host.
If you configure a trusted certificate group for a virtual host, or configure an engine key pair to associate it with a virtual host, those settings are used instead of any applicable HTTPS listeners or engine listeners for the virtual host.