Hi, Using Apache 2.4.10 on Ubuntu, I configured a bunch of virtual hosts with SSL, plus an extra virtual host before them, to catch requests for hostnames that are not otherwise defined. When responding to a request to one of the regular virtual hosts, it turns out that Apache sends the correct certificate, plus the one from the default vhost. You can see this behavior in https://www.ssllabs.com/ssltest/analyze.html?d=web.a4a.de&s=2a01%3a4f8%3a10a%3a1d5c%3a8000%3a0%3a0%3a7&latest ... where there are two certificates, one from Let's Encrypt for web.a4a.de / www.web.a4a.de, and the other self-signed for * (this is the default vhost's certificate). There are no certificate-related directives outside the VirtualHost blocks. It somehow seems like the SSL configuration from the default vhost leaks into the others, which seems very strange to me. I was unable to find a way to serve only the appropriate certificate. Do you have any ideas? Thanks, Peter -- a4a GmbH web: https://www.a4a.de/ e-mail: info@xxxxxx --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|