If you have only 1 IP on the server:
<VirtualHost *:80> (== Any, port 80) will match requests with http://IP
<VirtualHost XXX.XXX.XXX.XXX:443> will match requests with http://XXX.XXX.XXX.XXX
- But if XXX.XXX.XXX.XXX is == IP, this is where you have a problem.
If both domains are on the same IP, requests to port :443 will be understood by Apache as going to the sole <VirtualHost> that matches, the XXX.XXX.XXX.XXX:443, regardless of the domain name involved. The matching of <VirtualHost> and certificate negotiation happens before the domain name is identified.
And even if there are many, Apache would take the first one (top down) found in the configuration, since the SSL handshake is done before the domain name of the request is identified.
If you have 2 IPs on the server:
Set up a separate IP for your domains. Separation by IP allows Apache to know which site you want. So:
    <VirtualHost IP1:80>
        ServerName website1.nl
        [...]
    </VirtualHost>
    <VirtualHost IP2:443>
        ServerName website2.nl
        [...]
    </VirtualHost>
This way, a request to https://IP1/ would simply be refused by Apache, as no VirtualHost matches. But setting up a second IP is not always possible.
Partial solution
Here I use your <VirtualHost> setup. So
    <VirtualHost IP1:80>
        ServerName website1.nl
        [...]
    </VirtualHost>
    <VirtualHost XXX.XXX.XXX.XXX:443>
        ServerName website2.nl
        [...]
    </VirtualHost>
where XXX.XXX.XXX.XXX == IP1
You could set up a RewriteRule in the *:443 <VirtualHost> that says to redirect requests for website1.nl back to IP1:80.
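    RewriteEngine On
    # Match the host name exactly (dot escaped, optional :443 suffix), then redirect
    RewriteCond %{HTTP_HOST} ^website1\.nl(:443)?$ [NC]
    RewriteRule ^/?(.*)$ http://IP1:80/$1 [R,L]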
One problem with this is that your SSL certificate is most probably set up for website2.nl, so the browser will notice that the domain name asked for is website1.nl, and therefore does not match the certificate. That is why it is a partial solution. You could set up the certificate to cover both domains, thus eliminating this problem; this depends on the level of control you have over your certificate creation (full flexibility or not).
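The selection behaviour described in this answer, modelled as an added example (not part of the original answer and not Apache's own code). It assumes a simplified matching model: an exact address:port wins over `*`, then ServerName is compared among the vhosts on that address, and the first one listed is the fallback. The address 192.0.2.10 is a constructed stand-in for IP1, and the function names are hypothetical.

```python
import re

# Constructed config mirroring the "Partial solution" layout; 192.0.2.10 stands in for IP1.
CONFIG = """
<VirtualHost 192.0.2.10:80>
ServerName website1.nl
</VirtualHost>
<VirtualHost 192.0.2.10:443>
ServerName website2.nl
</VirtualHost>
"""

def parse_vhosts(text):
    """Return [(address, port, server_name)] in configuration order."""
    vhosts = []
    pattern = re.compile(r"<VirtualHost\s+([^:>\s]+):(\d+)>(.*?)</VirtualHost>", re.I | re.S)
    for addr, port, body in pattern.findall(text):
        name = re.search(r"^\s*ServerName\s+(\S+)", body, re.I | re.M)
        vhosts.append((addr, int(port), name.group(1).lower() if name else None))
    return vhosts

def select_vhost(vhosts, local_ip, local_port, host=None):
    """Pick the vhost for a connection; host=None models 'name not known yet'."""
    exact = [v for v in vhosts if v[0] == local_ip and v[1] == local_port]
    candidates = exact or [v for v in vhosts if v[0] == "*" and v[1] == local_port]
    if not candidates:
        return None  # nothing is configured for this address:port
    if host:
        for v in candidates:
            if v[2] == host.lower():
                return v
    return candidates[0]  # first listed vhost for the address is the default

def audit(vhosts, local_ip, port, names):
    """List (requested name, serving vhost name) pairs where the two differ."""
    findings = []
    for name in names:
        chosen = select_vhost(vhosts, local_ip, port, name)
        if chosen and chosen[2] != name:
            findings.append((name, chosen[2]))
    return findings

if __name__ == "__main__":
    vh = parse_vhosts(CONFIG)
    print(audit(vh, "192.0.2.10", 443, ["website1.nl", "website2.nl"]))
```

Each pair returned by `audit` is a name that lands on a vhost (and certificate) configured for a different site, which is the mismatch the last paragraph describes.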