I have a local Apache2 server which hosts two name-based websites on a single IP.
The first website is hosted only on port 80. The second is hosted on port 80 and 443. If accessed on port 80 the user is redirected to port 443.
one.local (HTTP only):
<VirtualHost *:80>
ServerName one.local
ServerAlias www.one.local
DocumentRoot /var/www/html/one
</VirtualHost>
two.local (http and https):
<VirtualHost *:80>
DocumentRoot /var/www/html/two
ServerName two.local
ServerAlias www.two.local
Redirect permanent / https://two.local
</VirtualHost>
<VirtualHost *:443>
DocumentRoot /var/www/html/two
ServerName two.local
ServerAlias www.two.local
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.pem
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
</VirtualHost>
Both websites are accessible, using the domain name and two.local gets redirected just fine.
The issue I have, is that when accessing https://one.local, the user is connected and prompted the Your connection is not secure warning as the self-signed certificate of two.local is attempted to be used.
I've read about this issue in this question, where it seems that the solution is to use the same certificate again and redirect from https to http.
This question has been asked three years ago, is there a better solution to this issue?
