Hi, My customer has registered several different domain names that all point to their web site, and all work interchangeably as far as normal HTTP requests are concerned. However, their SSL certificate was issued only against one of these names, and if you attempt to hit their site via HTTPS on any of the other names, you get a warning in the browser saying the site name doesn't match the cert. Fortunately, their home page doesn't need to be secure and users will typically hit the home page using HTTP before they proceed to the secure part of the site. My temporary solution was to insert some scriptlet code into the home page that checks if request.getServerName() equals the primary domain name, and if not, do a redirect to the primary domain name. Is there a better way to do this without having to insert scriptlet code into the page? I don't like that solution because it hard-codes their domain name in the page, and it also doesn't help if people bypass the home page and link to other pages in the site. Thanks, Frank View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3962281#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...