
Can I have two connector tags for the same address in server.xml of Tomcat?

I have got two DNS entries for the same IP address. And I have two SSL keystores for each one of them. Can I mention both the keystores in server.xml as shown below?

<Connector address="my_IP_Addres" port="443" protocol="HTTP/1.1" SSLEnabled="true"
           maxThreads="150" scheme="https" secure="true"
           enableLookups="true" disableUploadTimeout="true"
           keystoreFile="1st_keystore_file" keystorePass="1st_key_pass"
           clientAuth="false" sslProtocol="SSL" />

<Connector address="my_IP_Addres" port="443" protocol="HTTP/1.1" SSLEnabled="true"
           maxThreads="150" scheme="https" secure="true"
           enableLookups="true" disableUploadTimeout="true"
           keystoreFile="2nd_keystore_file" keystorePass="2nd_key_pass"
           clientAuth="false" sslProtocol="SSL" />

No, you cannot use several connectors for a single endpoint with Tomcat. HTTPS is HTTP over SSL. It means:

  1. the client and server establish an SSL connection, using only IP:port pairs during the handshake procedure
  2. the client and server exchange HTTP messages over the established SSL connection

DNS entries (host->IP) in your case allow the client to resolve the server IP before the SSL handshake. But during the handshake, hostnames are not used. This is why the server cannot resolve which key/cert pair to use in this phase. And this is the reason why only one key/cert pair can be provided.

See HTTPS limitations for more details.
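An added example, not part of the original question or answer: a Python check that parses a server.xml and reports every address:port endpoint claimed by more than one Connector, which is the layout the question proposes. The sample XML and its 192.0.2.10 address are constructed, and treating a Connector without an `address` attribute as overlapping every address on its port is an assumption of this example.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample modelled on the question's server.xml (placeholder values).
SAMPLE_SERVER_XML = """
<Server>
  <Service name="Catalina">
    <Connector address="192.0.2.10" port="443" SSLEnabled="true"
               keystoreFile="1st_keystore_file" />
    <Connector address="192.0.2.10" port="443" SSLEnabled="true"
               keystoreFile="2nd_keystore_file" />
    <Connector address="192.0.2.10" port="8443" SSLEnabled="true"
               keystoreFile="3rd_keystore_file" />
    <Connector port="8080" />
  </Service>
</Server>
"""

WILDCARD = "*"  # assumption: no address attribute means "all local addresses"


def find_conflicting_connectors(server_xml):
    """Return {(address, port): [keystoreFile, ...]} for endpoints with >1 Connector."""
    root = ET.fromstring(server_xml)
    by_port = defaultdict(list)
    for conn in root.iter("Connector"):
        port = conn.get("port")
        if port is None:
            continue  # nothing to compare without a port
        by_port[port].append((conn.get("address", WILDCARD), conn.get("keystoreFile")))

    conflicts = {}
    for port, entries in by_port.items():
        for addr in {a for a, _ in entries}:
            # Same address, or either side is the wildcard: same listening endpoint.
            group = [ks for a, ks in entries
                     if a == addr or WILDCARD in (a, addr)]
            if len(group) > 1:
                conflicts[(addr, port)] = group
    return conflicts


if __name__ == "__main__":
    for (addr, port), keystores in find_conflicting_connectors(SAMPLE_SERVER_XML).items():
        print(f"{addr}:{port} is claimed by {len(keystores)} connectors: {keystores}")
```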
