apache ubuntu sni

Multiple SSL wildcards on 1 IP


Currently my server has 1 website running on https/ssl. The thing is when I enable a second vhost, also with https/ssl, the first website I have running is now using the ssl cert of the new website.

I have tried putting the two websites in a single vhost file; that didn't work, so I made 2 separate files instead.

Here are my vhost config files:

(Naming them websiteZ and websiteY because of the alphabetical order they are in)

vhost current running website .conf

<VirtualHost *:80>
ServerAlias *.websiteZ.nl
Redirect 301 / https://websiteZ.nl
</VirtualHost>

NameVirtualHost *:443

<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName www.websiteZ.nl
    DocumentRoot "/var/www/html/websites/websiteZ.nl/public"
    <Directory "/var/www/html/websites/websiteZ.nl/public">
        Require all granted
        Options Includes FollowSymLinks
        AllowOverride All
        Order allow,deny   
        Allow from all
    </Directory>
    SSLEngine On
    SSLCertificateFile /etc/apache2/ssl/websiteZ.nl/certificate.crt
    SSLCertificateKeyFile /etc/apache2/ssl/websiteZ.nl/certificate.key
    SSLCertificateChainFile /etc/apache2/ssl/websiteZ.nl/cabundle.crt 
</VirtualHost>
</IfModule>

new website with ssl .conf

<VirtualHost *:80>
    ServerName websiteY.nl
    ServerAlias www.websiteY.nl
    RewriteEngine On
    RewriteCond %{SERVER_PORT} !443
    RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
    RewriteRule ^(/(.*))?$ https://%{HTTP_HOST}/$1 [R=301,L]
    DocumentRoot "/var/www/html/websites/websiteY.nl/public/"
    <Directory "/var/www/html/websites/websiteY.nl/public/">
        Require all granted
        Options Includes FollowSymLinks
        AllowOverride All
        Order allow,deny   
        Allow from all
    </Directory>
</VirtualHost>

<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName www.websiteY.nl
    DocumentRoot "/var/www/html/websites/websiteY.nl/public"
    <Directory "/var/www/html/websites/websiteY.nl/public">
        Require all granted
        Options Includes FollowSymLinks
        AllowOverride All
        Order allow,deny   
        Allow from all
    </Directory>
    SSLStrictSNIVHostCheck on
    SSLEngine On
    SSLCertificateFile /etc/apache2/ssl/websiteY.nl/certificate.crt
    SSLCertificateKeyFile /etc/apache2/ssl/websiteY.nl/certificate.key
    SSLCertificateChainFile /etc/apache2/ssl/websiteY.nl/cabundle.crt
</VirtualHost>
</IfModule>

ports.conf

NameVirtualHost *:80
NameVirtualHost *:443

Listen 80

<IfModule mod_ssl.c>
    Listen 443
</IfModule>

<IfModule ssl_module>
        Listen 443
</IfModule>

<IfModule mod_gnutls.c>
        Listen 443
</IfModule>

I looked up the SNI thing, but I think I'm missing something. The way I understand it is that I have to use NameVirtualHost to make it work.

The server is running on AWS EC2 with Ubuntu 16.04.2

The problem occurs when I type in terminal:

a2ensite websiteY.conf

When I do that, websiteZ will lose its https cert and will show a big red cross which says: NOT SECURE! When you click to proceed, it links to websiteY.

I am a little bit out of options, can someone help me out? Thanks!


Solution

  • When you enter www.websiteZ.nl without https, the request will first be caught by

    <VirtualHost *:80>
    ServerAlias *.websiteZ.nl
    Redirect 301 / https://websiteZ.nl
    </VirtualHost>
    

    and therefore redirected to https://websiteZ.nl

    Since none of your :443 virtual hosts has either ServerName or ServerAlias configured with websiteZ.nl, the one from the alphabetically first .conf file will be used, which in this case is the one with the websiteY cert.
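The fallback described in this answer, as an added example that is not part of the original post: a simplified Python model of how Apache picks a name-based virtual host on one IP:port, run over trimmed copies of the two :443 blocks from the question. The file name websiteZ.conf, the trimmed configs and the corrected ServerName/ServerAlias lines are assumptions for illustration.

```python
# Added example: simplified model of Apache name-based vhost selection.
# Real Apache also matches on the listen address; here every vhost is "*:port".
from fnmatch import fnmatchcase

# Constructed from the question's :443 blocks, trimmed to the naming directives.
Y_CONF = "<VirtualHost *:443>\n    ServerName www.websiteY.nl\n</VirtualHost>"
Z_CONF = "<VirtualHost *:443>\n    ServerName www.websiteZ.nl\n</VirtualHost>"
# Assumed fix: give the websiteZ vhost the bare domain the :80 redirect points to.
Z_FIXED = Z_CONF.replace("ServerName www.websiteZ.nl",
                         "ServerName websiteZ.nl\n    ServerAlias www.websiteZ.nl")

def parse_vhosts(files, port):
    """files: list of (filename, text). Returns vhosts on `port` in load order."""
    vhosts = []
    for fname, text in sorted(files):  # sites-enabled/*.conf loads alphabetically
        current = None
        for raw in text.splitlines():
            parts = raw.split()
            if not parts:
                continue
            key = parts[0].lower()
            if key == "<virtualhost":
                addr = parts[1].rstrip(">")
                current = {"file": fname, "names": []} if addr.endswith(f":{port}") else None
            elif key == "</virtualhost>":
                if current is not None:
                    vhosts.append(current)
                current = None
            elif current is not None and key in ("servername", "serveralias"):
                current["names"] += [n.lower() for n in parts[1:]]
    return vhosts

def select_vhost(vhosts, host):
    """Return (file, matched). With no name match the first vhost loaded wins."""
    host = host.lower()
    for vh in vhosts:
        # ServerAlias may contain wildcards; "*.example" does not match "example".
        if any(fnmatchcase(host, pattern) for pattern in vh["names"]):
            return vh["file"], True
    return vhosts[0]["file"], False

if __name__ == "__main__":
    posted = parse_vhosts([("websiteZ.conf", Z_CONF), ("websiteY.conf", Y_CONF)], 443)
    fixed = parse_vhosts([("websiteZ.conf", Z_FIXED), ("websiteY.conf", Y_CONF)], 443)
    for label, vhosts in (("as posted", posted), ("with fix", fixed)):
        print(label, select_vhost(vhosts, "websiteZ.nl"))
```

On a live server, `apache2ctl -S` prints the parsed virtual hosts per address and marks which one is the default.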