---
title: Virtual hosts
description: Virtual hosts enable PingAccess to protect multiple application domains and hosts.
component: pingaccess
version: 9.0
page_id: pingaccess:pingaccess_user_interface_reference_guide:pa_virtual_hosts
canonical_url: https://docs.pingidentity.com/pingaccess/9.0/pingaccess_user_interface_reference_guide/pa_virtual_hosts.html
revdate: November 18, 2025
---

# Virtual hosts

Virtual hosts enable PingAccess to protect multiple application domains and hosts.

* Defining virtual hosts

  A virtual host is defined by the host name and host port.

  You can use a wildcard (`*`) to define either any host, such as `*:443`, or any host within a domain, such as `*.example.com`.

  If a request matches more than one virtual host, PingAccess uses the most specific match.

* Assigning certificates

  Virtual hosts can present different certificates on a single HTTPS port. You can assign which certificates (key pairs) are used by which virtual host from the [HTTPS Listeners](pa_assigning_key_pairs_to_https_listeners.html) window.

  |   |                                                                                                                                                                                                                                        |
  | - | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
  |   | If you configure a trusted certificate group for a virtual host, or configure an engine key pair to associate it with a virtual host, those settings override any applicable HTTPS listeners or engine listeners for the virtual host. |

* Controlling agent resources

  You can use the **Agent Resource Cache TTL** field to control PingAccess agent resources for each virtual host.