0

I think I know the reason this is happening, but I don't know how to fix it. I have a reverse proxy set up on one server and it's proxying from port 443 to my Mattermost server (not on the same machine) on the default port of 8065.

I have SSL set up on the proxy with a Let's Encrypt certificate.

Port 8065 is opened on my firewall to the Mattermost server, but also on that same public IP I have ports 80 and 443 opened to a completely different server.

What is happening is that when I hit the URL for my Mattermost server, the certificate for that other server is being presented to my browser instead of the one that is configured on the proxy. I have no idea why this is happening. Here is my virtual host section:

    <IfModule mod_ssl.c>
    <VirtualHost *:443>
        DocumentRoot "/var/www/html"
        ServerName chat.example.com
        <Directory "/var/www/html">
            allow from all
            Options None
            Require all granted
        </Directory>
        ProxyPreserveHost On

        RewriteEngine On
        RewriteCond %{REQUEST_URI} /api/v[0-9]+/(users/)?websocket [NC]
        RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
        RewriteCond %{HTTP:CONNECTION} \bUpgrade\b [NC]
        RewriteRule .* ws://x.x.x.x:8065%{REQUEST_URI} [P,QSA,L]

        ProxyPass / http://x.x.x.x:8065/ timeout=31536000
        ProxyPassReverse / http://x.x.x.x:8065/

        SSLCertificateFile /etc/letsencrypt/live/chat.example.com/cert.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/chat.example.com/privkey.pem
        Include /etc/letsencrypt/options-ssl-apache.conf
        SSLCertificateChainFile /etc/letsencrypt/live/chat.example.com/chain.pem
    </VirtualHost>
    </IfModule>

Let me know if more information is required. Rich

Rich
  • OK, so I disabled ports 80 and 443 on my firewall that are going to the other server, and now when I hit the chat URL I get this: ERR_SSL_VERSION_OR_CIPHER_MISMATCH – Rich Aug 09 '21 at 02:09
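
A way to check which certificate is actually presented for the name in the question, written as an added example that is not part of the original post: `fetch_cert` connects to a given address with `chat.example.com` as SNI, and `diagnose` compares the names in the returned certificate with the requested host. The two sample certificates and the `203.0.113.10` address are constructed placeholders.

```python
import socket
import ssl

# Constructed getpeercert()-style dicts, not captured from any real server.
PROXY_CERT = {"subject": ((("commonName", "chat.example.com"),),),
              "subjectAltName": (("DNS", "chat.example.com"),)}
OTHER_CERT = {"subject": ((("commonName", "www.example.org"),),),
              "subjectAltName": (("DNS", "www.example.org"), ("DNS", "example.org"))}

def names_in_cert(cert):
    """DNS names a certificate is valid for: SAN entries, else the subject CN."""
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]

def name_matches(pattern, hostname):
    """Case-insensitive match; '*' may only stand for the whole left-most label."""
    p, h = pattern.lower().rstrip("."), hostname.lower().rstrip(".")
    if p.startswith("*."):
        return "." in h and h.split(".", 1)[1] == p[2:]
    return p == h

def diagnose(cert, hostname):
    """Say whether the presented certificate belongs to the requested site."""
    names = names_in_cert(cert)
    if any(name_matches(n, hostname) for n in names):
        return "ok: certificate covers " + hostname
    return "mismatch: certificate is for " + ", ".join(names)

def fetch_cert(address, hostname, port=443):
    """Connect to address:port, send hostname as SNI, return the presented cert."""
    ctx = ssl.create_default_context()
    # Keep chain validation but skip the name check, so a certificate issued to
    # another site is returned for inspection instead of aborting the handshake.
    ctx.check_hostname = False
    with socket.create_connection((address, port), timeout=5) as raw:
        with ctx.wrap_socket(raw, server_hostname=hostname) as tls:
            return tls.getpeercert()

if __name__ == "__main__":
    print(diagnose(PROXY_CERT, "chat.example.com"))
    print(diagnose(OTHER_CERT, "chat.example.com"))
    # Live use (address is a placeholder): run once against the public IP and once
    # against the proxy's own address to see which machine answers on port 443.
    # print(diagnose(fetch_cert("203.0.113.10", "chat.example.com"), "chat.example.com"))
```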

1 Answer

-1

I ended up doing this a different way - not sure why it wasn't working. I'm calling it worked around.

Rich