Apache serves the first SSL vhost found for a non-SSL domain.

You're hosting two name-based domains, deurbellen.nl and fietsbellen.nl. For the domain fietsbellen.nl you have an SSL and a non-SSL vhost configuration.
The domain deurbellen.nl has only a non-SSL vhost config, plain and simple.

When a user connects to the site https://deurbellen.nl, there will be no error message telling them the vhost (domain) doesn’t exist. Instead Apache serves the site fietsbellen.nl over SSL… Pretty weird!
This is default behavior for Apache: it serves the first available SSL vhost when the requested one is not found.

Solution:

For many reasons you just won’t want this to happen. This behavior can be changed by adding a vhost configuration that listens on *:443 and serves one of the Apache error codes back to the client. For a complete list of error codes look here.

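  1. Create a file named 10-localhost.localdomain-ssl.conf in the location where Apache reads your configuration files. On a RHEL/CentOS based OS, the default location is /etc/httpd/conf.d. The 10- prefix matters: the files there are read in alphabetical order, and this vhost has to be the first one Apache finds for *:443.
  2. Copy the stuff below into your file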
    <VirtualHost *:443>
      ServerName localhost.localdomain
    
      ## Vhost docroot
      DocumentRoot "/var/www/html/localhost.localdomain"
    
      ## Directories, there should at least be a declaration for /var/www/html/localhost.localdomain
    
      <Directory "/var/www/html/localhost.localdomain">
        Options None
        AllowOverride None
        Require all granted
      </Directory>
    
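      ## Logging (piped through rotatelogs so the %Y.%m.%d pattern and the
      ## 86400 second rotation apply; /usr/sbin/rotatelogs is the RHEL/CentOS path)
      ErrorLog "|/usr/sbin/rotatelogs /var/log/httpd/localhost.localdomain/error-ssl_log.%Y.%m.%d 86400"
      ServerSignature Off
      CustomLog "|/usr/sbin/rotatelogs /var/log/httpd/localhost.localdomain/access-ssl_log.%Y.%m.%d 86400" combined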
    
      ## Redirect rules
      Redirect  404 /
    
      ## Server aliases
      ServerAlias localhost.localdomain
    
      ## SSL directives
      SSLEngine on
      SSLCertificateFile      "/etc/ssl/certs/localhost.localdomain.crt"
      SSLCertificateKeyFile   "/etc/ssl/certs/localhost.localdomain.key"
      SSLOptions +StdEnvVars +ExportCertData
    </VirtualHost>
    

    Check out the Redirect rules section of the config:

      ## Redirect rules
      Redirect  404 /
    

    This tells Apache which error code/page the client receives, so tweak it to return the response you want.

  3. Create an SSL cert and key for localhost.localdomain
    Check this how-to for creating certificates and stuff…
  4. Copy the new cert and key file to
    /etc/ssl/certs/
  5. Restart Apache and go test!
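
One way to check which vhost will answer HTTPS for each hostname, before and after the change, is to parse the output of `httpd -S` (`apachectl -S`). The script below is an added example, not part of the original post: the `httpd -S` output is a constructed sample, the `https_answers` helper and the config file names other than the catch-all's are hypothetical, and it assumes all vhosts listen on `*:80` / `*:443` as in the setup above.

```python
import re
from collections import defaultdict
from fnmatch import fnmatchcase

# Constructed `httpd -S` output for the two domains above, before and after
# adding the catch-all vhost (a lone vhost on an address prints as one line).
HTTP = """\
*:80                   is a NameVirtualHost
         default server deurbellen.nl (/etc/httpd/conf.d/deurbellen.nl.conf:1)
         port 80 namevhost deurbellen.nl (/etc/httpd/conf.d/deurbellen.nl.conf:1)
         port 80 namevhost fietsbellen.nl (/etc/httpd/conf.d/fietsbellen.nl.conf:1)
"""
BEFORE = "*:443                  fietsbellen.nl (/etc/httpd/conf.d/fietsbellen.nl-ssl.conf:1)\n" + HTTP
AFTER = """\
*:443                  is a NameVirtualHost
         default server localhost.localdomain (/etc/httpd/conf.d/10-localhost.localdomain-ssl.conf:1)
         port 443 namevhost localhost.localdomain (/etc/httpd/conf.d/10-localhost.localdomain-ssl.conf:1)
         port 443 namevhost fietsbellen.nl (/etc/httpd/conf.d/fietsbellen.nl-ssl.conf:1)
""" + HTTP


def https_answers(httpd_s_output):
    """Map each hostname served on :80 to the vhost that answers it on :443."""
    default, names, port = {}, defaultdict(set), None
    for line in httpd_s_output.splitlines():
        if m := re.match(r"\S+:(\d+)\s+is a NameVirtualHost", line):
            port = int(m[1])
        elif m := re.match(r"\S+:(\d+)\s+(\S+) \(", line):
            # Only one vhost on this address: it is also the default.
            port = int(m[1])
            default[port] = m[2]
            names[port].add(m[2])
        elif m := re.match(r"\s+default server (\S+) \(", line):
            default[port] = m[1]
        elif m := re.match(r"\s+port (\d+) namevhost (\S+) \(", line):
            names[int(m[1])].add(m[2])
        elif m := re.match(r"\s+(?:wild )?alias (\S+)", line):
            names[port].add(m[1])  # ServerAlias entries, wildcards included

    def on_443(host):
        return any(fnmatchcase(host, pattern) for pattern in names[443])
    # A host without its own :443 vhost falls through to the :443 default.
    return {h: (h if on_443(h) else default.get(443)) for h in sorted(names[80])}


if __name__ == "__main__":
    for label, sample in (("before", BEFORE), ("after", AFTER)):
        print(label, https_answers(sample))
```

On a live server, pass the real output in instead of the samples, for example the text captured from `httpd -S 2>&1`.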
