Hi @stevenzhu ,
Running Apache 2.4.6 on Centos 7.3.1611
Configuration before wildcard
<VirtualHost *:443>
SSLEngine on
ServerName service1.domain
DocumentRoot /srv/www/service1.domain/
SSLCertificateFile /etc/letsencrypt/live/service2.domain/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/service2.domain/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateChainFile /etc/letsencrypt/live/service2.domain/chain.pem
After wildcard
<VirtualHost *:443>
SSLEngine on
ServerName service1.domain
DocumentRoot /srv/www/service1.domain/
SSLCertificateFile /etc/letsencrypt/live/domain/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domain/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
# SSLCertificateChainFile /etc/letsencrypt/live/service2.domain/chain.pem
I did ask certbot to do certonly on the wildcard and edited the service1.conf file to point to the new certificates.
Originally I got 1 cert that covered several services hence the original pathnames.