Duplictate Apache servername Entires Result In Certificate Not Being Served Up Correctly


#1

Please fill out the fields below so we can help you better.

My domain is: schweizerpapi.ch

I ran this command: letsencrypt --apache -d schweizerpapi.ch -d www.schweizerpapi.ch

It produced this output: that all is fine

My operating system is (include version): Ubuntu 16

My web server is (include version): Apache 2.4

My hosting provider, if applicable, is: n/a

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no


I have installed a couple of certificates installed on my Ubuntu server each for different domain (one being sample.ch)
I wanted to issue a new Certificate for schweizerpapi.ch. It was working for a while and all the sudden I started getting erros with endless redirects.

Started playing around and figured out the following:

  • All those other domains are essentially running of the certificate of sample.ch, because when I remove that certificate they break.

  • I do point the SSLCertifiecateFile and SSLCertificateKeyFile to the proper fullchain.pem and privkey.pem, never the less the site seems to fall back to the abc certificate

  • I have tried creating my own certificate, but the directives of my virtualhost are simply ignored.

    <VirtualHost *:443>
    DocumentRoot /var/www/public_html
    ServerName schweizerpapi.ch
    ServerAlias www.schweizerpapi.ch
    ServerAdmin webmaster@schaer2.ch

      SSLEngine On
    
      SSLCertificateFile /etc/letsencrypt/live/schweizerpapi.ch/fullchain.pem
      SSLCertificateKeyFile /etc/letsencrypt/live/schweizerpapi.ch/privkey.pem
    
      <Directory /var/www/public_html>
          allow from all
          Require all granted
          AllowOverride All
          Options +FollowSymLinks
      </Directory>
    

#2

I’d recommend reading the following document and check if your configuration (the whole configuration, not just the VirtualHost you pasted here, that one looks good to me.) for correctness: https://httpd.apache.org/docs/2.4/vhosts/name-based.html


#3

some hours later:

  • I had a duplicated servername in one of my virtualhosts which didn’t have a certificate defined.
  • since there was no default SSL defined it would just pick the first virtualhost

#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.