We are running into issues with this seemingly simple configuration on Apache 2.4. We can't seem to obtain the correct certificate while using the Virtual Host site2.net. We always get site1.net's certificate. Here's our apachectl -S:
VirtualHost configuration:
*:446 is a NameVirtualHost
default server site1.net (/opt/rh/httpd24/root/etc/httpd/sites-enable/site1.conf:3)
port 446 namevhost site1.net (/opt/rh/httpd24/root/etc/httpd/sites-enable/site1.conf:3)
port 446 namevhost site2.net (/opt/rh/httpd24/root/etc/httpd/sites-enable/site2.conf:3)
*:444 other.net (/opt/rh/httpd24/root/etc/httpd/sites-enable/other.conf:2)
Here are the VH configurations:
$ cat /opt/rh/httpd24/root/etc/httpd/sites-enable/site1.conf
<VirtualHost *:446>
ServerName site1.net
DocumentRoot /www/site1
<Directory /www/site1>
AllowOverride All
Require all granted
</Directory>
SSLEngine on
SSLCertificateKeyFile /opt/rh/httpd24/root/etc/httpd/conf/certs/site1.key
SSLCertificateFile /opt/rh/httpd24/root/etc/httpd/conf/certs/site1.pem
</VirtualHost>
$ cat /opt/rh/httpd24/root/etc/httpd/sites-enable/site2.conf
<VirtualHost *:446>
ServerName site2.net
DocumentRoot "/www/site1/xyz"
<Directory "/www/site1/xyz">
AllowOverride All
Require all granted
Options -Indexes
</Directory>
SSLCertificateKeyFile /opt/rh/httpd24/root/etc/httpd/conf/certs/site2.key
SSLCertificateFile /opt/rh/httpd24/root/etc/httpd/conf/certs/site2.pem
</VirtualHost>
The conf file /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf has no VirtualHost defined.
If we swap the certs and have the first Virtual Host loading the second certificate we see it correctly (i.e. there is no issue with the certificate itself).
We are testing with openssl s_client -connect myip:446 -servername site2.net
Why are we getting this strange behavior? Thanks a lot!
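An added example, not part of the original question: a small Python lint that groups `<VirtualHost>` blocks by address:port and reports any block that lacks `SSLEngine on` while sharing a listener with a TLS-enabled vhost, which is the one SSL directive on which the two files above differ. The sample input is constructed from the question's files (trimmed), and the function names are hypothetical.

```python
import re

# Constructed input: the question's two vhosts, trimmed to ServerName and SSL directives.
SAMPLE = """
<VirtualHost *:446>
ServerName site1.net
SSLEngine on
SSLCertificateFile /opt/rh/httpd24/root/etc/httpd/conf/certs/site1.pem
</VirtualHost>
<VirtualHost *:446>
ServerName site2.net
SSLCertificateFile /opt/rh/httpd24/root/etc/httpd/conf/certs/site2.pem
</VirtualHost>
"""

VHOST_RE = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.S | re.I)

def directive(body, name):
    """Return the last value given for a directive in a vhost body, or None."""
    hits = re.findall(rf"^[ \t]*{name}[ \t]+(.+?)[ \t]*$", body, re.M | re.I)
    return hits[-1].strip('"') if hits else None

def parse_vhosts(text):
    """Yield one dict per <VirtualHost> block, keyed by its address:port string."""
    for addr, body in VHOST_RE.findall(text):
        yield {
            "addr": addr.strip(),
            "name": directive(body, "ServerName"),
            "ssl_on": (directive(body, "SSLEngine") or "").lower() == "on",
            "cert": directive(body, "SSLCertificateFile"),
        }

def lint_tls_vhosts(text):
    """Flag vhosts lacking 'SSLEngine on' that share a listener with a TLS vhost."""
    groups = {}
    for vh in parse_vhosts(text):
        groups.setdefault(vh["addr"], []).append(vh)
    findings = []
    for addr, vhosts in groups.items():
        if not any(v["ssl_on"] for v in vhosts):
            continue  # plain-HTTP listener: nothing to compare against
        for v in vhosts:
            if not v["ssl_on"]:
                findings.append((addr, v["name"], v["cert"]))
    return findings

if __name__ == "__main__":
    for addr, name, cert in lint_tls_vhosts(SAMPLE):
        print(f"{addr} {name}: no 'SSLEngine on' (configured cert: {cert})")
```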