-1

I have multiple virtual hosts on the same server using CentOS 6. After running sudo ./path/to/certbot-auto --apache I have successfully installed a certificate for a website https://domain1.example. Browser confirms that the certificate is issued to Common Name (CN) domain1.example.

However, after repeating the same procedure for domain2.example, browser is warning that the connection is not secure and the certificate is issued to Common Name 192.168.1.5, which is a local IP address of the server. Why isn't the Common Name correctly determined for domain2.example? What could be the reason?

Without https:// the website http://domain2.example is working properly.

Patrick Mevzek
  • 10,995
  • 16
  • 38
  • 54
user2513149
  • 850
  • 12
  • 15
  • It seems the second certificate was produced with `192.168.1.5` as Common Name instead of `domain2.example`. But this is offtopic for a programming related website. – Patrick Mevzek Sep 18 '18 at 16:47

1 Answers1

0

It turns out the problem was due to the /etc/httpd/conf.d/ssl.conf file which enables SSL for Apache. Since CentOS loads all Apache conf files in alphabetical order, only those conf files will be using SSL which come after ssl.conf in alphabetical order. All files that come before will not be recognized for SSL.

In my case conf file for domain1.example came after ssl.conf and thus was recognized for SSL. But the conf file for domain2.example was before ssl.conf and therefore was ignored. A simple renaming ssl.conf to 000-ssl.conf put that file on top of the list and all the other files were loaded correctly.

user2513149
  • 850
  • 12
  • 15