I'm running httpd 2.4.12 on Windows Server 2003.
We have things set up and working with http and https using the primary host name (fully qualified).
We need for a different domain (same hostname) to work with https.
These both need to work:
I have certificates (and key files) for both domains (the first being unique to the FQDN, the second being a wildcard for *.domain2.org
I have <VirtualHost *:443> blocks set up with ServerName myhost.domain1.org
in one, and ServerName myhost.domain2.org
in the other. Each specifies its proper cert and key files, and unique DocumentRoot locations.
httpd.exe -S clearly indicates both VirtualHosts found, no errors (no errors from httpd.exe -t, either).
It appears that the first certificate is always being served regardless of which host name is used in the browser. Also, the 2nd (domain2.org
) config has a different DocumentRoot, but when I tell the browser to ignore the security warnings I'm being delivered content from the domain1.org
Act and may be disclosed to third parties.