Share Document Root for Apache w/ SSL with two separate subdomains and certs

Chris asked:

So, I’m running an Apache server on CentOS 7. I have two domains pointing to the same place: https://www.example.com and https://example.com. In my cfg, I have three VirtualHosts; one for http (for both) one for the subdomain-less, and one for the www. I have the separate certs configured (one for each), but when I deploy, Apache just serves up the first cert it finds in the cfg. So if I have the VirtualHost for www first, it serves up the www cert for both https://example.com and https://www.example.com

I have other domains being served on the same box and they get all the right certs.

Can somebody please explain what is going on here? It’s driving me absolutely

# Abbreviated Main config file for example.com domain
<VirtualHost *:80>

  ServerAlias example.com
  ServerAlias www.example.com

  DocumentRoot "/var/www/example.com"

</VirtualHost>

<VirtualHost *:443>
  ServerAlias example.com  

  DocumentRoot "/var/www/example.com"

  SSLEngine on
  SSLCertificateFile "/etc/letsencrypt/live/example.com/fullchain.pem"
  SSLCertificateKeyFile "/etc/letsencrypt/live/example.com/privkey.pem"

</VirtualHost>

<VirtualHost *:443>
  ServerAlias www.example.com

  DocumentRoot "/var/www/example.com"

  SSLEngine on
  SSLCertificateFile "/etc/letsencrypt/live/www.example.com/fullchain.pem"
  SSLCertificateKeyFile "/etc/letsencrypt/live/www.example.com/privkey.pem"

</VirtualHost>

My answer:


It doesn’t appear that any of your virtual hosts have ServerName defined. Apache won’t use a virtual host that doesn’t have this defined, even if they have a ServerAlias.


View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.