I have an SSL-enabled virtual host for my sites at example.com:10443
Listen 10443
<VirtualHost _default_:10443>
ServerName example.com:10443
ServerAdmin
[email protected]
ErrorLog "/var/log/httpd/error_log"
TransferLog "/var/log/httpd/access_log"
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
SSLCertificateFile "/etc/ssl/private/example.com.crt"
SSLCertificateKeyFile "/etc/ssl/private/example.com.key"
SSLCertificateChainFile "/etc/ssl/private/sub.class1.server.ca.pem"
SSLCACertificateFile "/etc/ssl/private/StartCom.pem"
</VirtualHost>
Browsing to https://example.com:10443/ works as expected.
However, also
browsing to https://subdomain.example.com:10443/ (with DNS set) shows me the same pages (after SSL certificate warning). I would have expected the directive ServerName example.com:10443 to reject all connection attempts to other server names.
How can I tell the virtual host not to serve requests for URLs other than the top-level one?