Seems like domain is pointing to wrong machine to get my certificates when using SSL

There is, but noting like sitesenabled in there either.

There should be an “include” or “includeoptional” line in the main httpd.conf file.
It would define the files that are to be included.

Yes, I have:

Secure (SSL/TLS) connections

Include /usr/local/etc/httpd/extra/httpd-ssl.conf

Include /usr/local/etc/httpd/extra/httpd-vhosts-le-ssl.conf

It’s obviously grabbing httpd-ssl.conf since netbracquets.com works.

Ok, then show the file:

We’ll try to figure out why things are failing…

This is the whole file. I commented out the netbracquets.com part when I moved it to the main/default section of httpd-ssl.conf

<IfModule mod_ssl.c>

<VirtualHost *:8443>

General setup for the virtual host

DocumentRoot “/Library/WebServer/Documents”

ServerName homebridgemania.com

ServerAdmin support@netbrackets.com

SSLCertificateFile “/etc/letsencrypt/live/homebridgemania.com/fullchain.pem”

SSLCertificateKeyFile “/etc/letsencrypt/live/homebridgemania.com/privkey.pem”

ErrorLog “/usr/local/var/log/httpd/error_log”

TransferLog “/usr/local/var/log/httpd/access_log”

</VirtualHost>

</IfModule>

#<IfModule mod_ssl.c>

#<VirtualHost *:8443>

DocumentRoot “/Library/WebServer/Documents”

ServerName netbracquets.com

ServerAlias www.netbracquets.com

<Directory /Library/WebServer/Documents>

Options Indexes FollowSymLinks MultiViews

AllowOverride All

Require all granted

</Directory>

#SSLCertificateFile /etc/letsencrypt/live/www.netbracquets.com/fullchain.pem

#SSLCertificateKeyFile /etc/letsencrypt/live/www.netbracquets.com/privkey.pem

#Include /etc/letsencrypt/options-ssl-apache.conf

#</VirtualHost>

#</IfModule>

I’m confused about why this is commented out.
Can you show the other file as it is now?

That’s the section for defining a vhost for netbracquets.com. I moved that into the main ssl.conf file and commented it out here.

not all lines were commented out though - seems like it now has multiple servernames, etc.

That’s the site here doing that. The stuff in bold is all commented out.

OK!

lets see the only other file left then.

It’s big. Full of comments.

remove all the commented lines (from your post)

OK, hold on a second.

Did you mean httpd-ssl.conf or httpd.conf?

Here’s httpd-ssl.conf
Listen 8443

SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES

SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES

SSLHonorCipherOrder on

SSLProtocol all -SSLv3

SSLProxyProtocol all -SSLv3

SSLPassPhraseDialog builtin

SSLSessionCache “shmcb:/usr/local/var/run/httpd/ssl_scache(512000)”

SSLSessionCacheTimeout 300

<VirtualHost default:8443>

DocumentRoot “/Library/WebServer/Documents”

ServerName netbracquets.com:8443

ServerAdmin support@netbrackets.com

ErrorLog “/usr/local/var/log/httpd/error_log”

TransferLog “/usr/local/var/log/httpd/access_log”

SSLEngine on

SSLCertificateFile /etc/letsencrypt/live/www.netbracquets.com/fullchain.pem

SSLCertificateKeyFile /etc/letsencrypt/live/www.netbracquets.com/privkey.pem

<FilesMatch “.(cgi|shtml|phtml|php)$”>

SSLOptions +StdEnvVars

</FilesMatch>

<Directory “/usr/local/var/www/cgi-bin”>

SSLOptions +StdEnvVars

</Directory>

BrowserMatch “MSIE [2-5]” \

nokeepalive ssl-unclean-shutdown \

downgrade-1.0 force-response-1.0

CustomLog “/usr/local/var/log/httpd/ssl_request_log” \

“%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x “%r” %b”

</VirtualHost>

well both I guess
but was focused on the ssl file

you can remove the port from that line

Which part covers the other name?

default didn’t come out right it has underscores before and after:

_default_

that’s OK I can read between the lines (and the missing ones too)

That was in the httpd-vhost-le-ssl.conf file

but you neutered that one - it has no vhost config anymore