VirtualHost not using correct SSL certificate file
- by Shawn Welch
I got a doozy of a setup with my virtual hosts and SSL. I found the problem, I need a solution. The problem is, the way I have my virtual hosts and server names setup, the LAST VirtualHost directive is associating the SSL certificate file with the ServerName regardless of IP address or ServerAlias.
In this case, SSL on www.site1.com is using the cert file that is established on the last VirtualHost; www.site2.com.
Is this how it is supposed to work? This seems to be happening because both of them are using the same ServerName; but I wouldn't think this would be a problem. I am specifically using the same ServerName for a purpose and I really can't change that. So I need a good fix for this. Yes, I could buy another UCC SSL and have them both on it but I have already done that; these are actually UCC SSLs already. They just so happen to be two different UCC SSLs.
<VirtualHost 11.22.33.44:80>
ServerName somename
ServerAlias www.site1.com
UseCanonicalName On
RewriteEngine On
RewriteOptions Inherit
</VirtualHost>
<VirtualHost 11.22.33.44:443>
ServerName somename
ServerAlias www.site1.com
UseCanonicalName On
SSLEngine on
SSLCertificateFile /usr/local/apache/conf/ssl.crt/cert1.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/cert1.key
SSLCertificateChainFile /usr/local/apache/conf/chain/gd_bundle.crt
RewriteEngine On
RewriteOptions Inherit
</VirtualHost>
<VirtualHost 55.66.77.88:80>
ServerName somename
ServerAlias www.site2.com
UseCanonicalName On
RewriteEngine On
RewriteOptions Inherit
</VirtualHost>
<VirtualHost 55.66.77.88:443>
ServerName somename
ServerAlias www.site2.com
UseCanonicalName On
SSLEngine on
SSLCertificateFile /usr/local/apache/conf/ssl.crt/cert2.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/cert2.key
SSLCertificateChainFile /usr/local/apache/conf/chain/gd_bundle.crt
RewriteEngine On
RewriteOptions Inherit
</VirtualHost>