Virtual hosts enable PingAccess to protect multiple application domains and hosts.
A virtual host is defined by the host name and host port.
A wildcard (
*) can be used either to define either any host, such as
*:443, or any host within a domain, such as
*.example.com. If a request matches more than one virtual host, the
most specific match is used.
Prior to availability of server name indication (SNI) in Java 8, an HTTPS port could only present a single certificate. To handle multiple virtual hosts, you must use a wildcard name certificate or the Subject Alternative Name (SAN) extension. With SNI available, virtual hosts can present different certificates on a single HTTPS port. You can assign which certificates (key pairs) are used by which virtual host from the HTTPS Listeners window.
The Agent Resource Cache TTL advanced field is used to control PingAccess agent resources for each virtual host.
If you configure a trusted certificate group for a virtual host, or configure an engine key pair to associate it with a virtual host, those settings are used instead of any applicable HTTPS listeners or engine listeners for the virtual host.