seems like i can't get another SSL-Certificate on my maschine running.
I work on an Apache 2.2 and we got a domain with an SSLCertificate, signed by GlobalSign. Now i wanted to add another certificate (letsEncrypt) for another domain on the same maschine. (SNI)
To do so, i followed the intructions on the website and made a cert using certbot certonly -manual on another maschine and put them on my webserver.
There i changed the ports.conf from apache and added NameVirtualHost *:433 and changed the VirtualHost-Statement of the sites/available/default-ssl from _default_:433 to *:433.
Then i added the SSL-vHost to the config file of the new domain
<IfModule mod_ssl.c>
<VirtualHost *:433>
ServerAdmin webmaster@domain.org
DocumentRoot /var/www/newdomain/html
ServerName domain.org
ServerAlias www.domain.org
SSLEngine On
SSLCertificateFile /etc/letsencrypt/live/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/chain.pem
#Setting goes here
</VirtualHost>
</IfModule>
When i run apache2ctl configtest i still get
[Fri Mar 31 15:55:37 2017] [warn] _default_ VirtualHost overlap on port 433, the first has precedence
Why? When i try to visit the new Domain over https, they show me that the Browser still gets the old GlobalSign-Cert which is for a completly different domain and thus not accepted:
domain.org uses an invalid security certificate.
The certificate is only valid for the following names: signeddomainsiown.org
Error code: SSL_ERROR_BAD_CERT_DOMAIN
I get it, that there must be somewhere an entry which "comes first" and the server sends the wrong cert, or the chain is wrong, but how can I fix this? I already grep'd for other default entries in my config, but didnt found anything.
