Apache2 VHOST matches wrong server name

I'm running Apache 2.4.54 on Debian Bullseye and have 42 VHOSTs configured. Most of them are subdomains xxx.my.domain.com of our main domain, say my.domain.com. One client has a special domain. There is also a default VHOST to catch all the requests. All the VHOSTS reside in numbered files, the default comes last.

• HTTP -> HTTPS
• subdomain not catches before -> ErrorDocument
• no subdomain -> errorDocument

In the case I just enter https://my.domain.com, this request is catched by one of the earlier vhosts and not by the default VHOST. I don't understand why this happens.

Without SSL, the request is answered by 99-default.conf

99-default.conf

<VirtualHost _default_:80>
        ServerName my.domain.com
        Redirect permanent / https://my.domain.com
        ErrorLog ${APACHE_LOG_DIR}/default_error.log
        CustomLog ${APACHE_LOG_DIR}/default_access.log vhost_combined
</VirtualHost>

<VirtualHost *:80>
        ServerAlias *.my.domain.com
        Redirect 404 /
        DocumentRoot /var/www/html/
        ErrorDocument 404 "Subdomain does not exist"
        ErrorLog ${APACHE_LOG_DIR}/default_error.log
        CustomLog ${APACHE_LOG_DIR}/default_access.log combined
</VirtualHost>



# match requests without subdomain
<VirtualHost _default_:443>
        ServerName my.domain.com
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html
        Redirect 404 /
        ErrorDocument 404 "Please choose subdomain"
        ErrorLog ${APACHE_LOG_DIR}/default_error.log
        CustomLog ${APACHE_LOG_DIR}/default_access.log combined
</VirtualHost>

# match any subdomain that does not exist (that's why order is important)
<VirtualHost *:443>
        ServerAlias *.my.domain.com
        Redirect 404 /
        DocumentRoot /var/www/html/
        ErrorDocument 404 "Subdomain does not exist"
        ErrorLog ${APACHE_LOG_DIR}/default_error.log
        CustomLog ${APACHE_LOG_DIR}/default_access.log combined
</VirtualHost>

02-app-customer.conf

<VirtualHost *:443>
    Protocols h2 http/1.1
    ServerAlias customers-domain.com
#    ServerAlias customer.my.domain.com

    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/wildcard.crt
    SSLCertificateKeyFile /etc/ssl/private/wildcard.key
    SSLCertificateChainFile /etc/ssl/certs/wildcard_chain.crt

    ErrorLog ${APACHE_LOG_DIR}/app_error.log
    CustomLog ${APACHE_LOG_DIR}/app_access.log vhost_combined

    Include conf.d/security.conf
    Include /usr/local/app/local/customer/httpd.conf

    <FilesMatch ".+\.ph(p[3457]?|t|tml)$">
        SetHandler "proxy:unix:/run/php/php7.4-fpm-app.sock|fcgi://localhost"
    </FilesMatch>

</VirtualHost>

# Redirection from port 80 to 443 if ssl enabled
<VirtualHost *:80>
    ServerName customers-domain.com
#    ServerAlias customer.my.domain.com
    Redirect permanent / https://www.customers-domain.com/
    ErrorLog ${APACHE_LOG_DIR}/app_error.log
    CustomLog ${APACHE_LOG_DIR}/app_access.log vhost_combined
</VirtualHost>

# Redirect of www.customers-domain.com to customers-domain.com
<VirtualHost *:443>
    Protocols h2 http/1.1
    ServerName www.customers-domain.com
    ServerAlias www.customers-domain.biz
    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/wildcard.crt
    SSLCertificateKeyFile /etc/ssl/private/wildcard.key
    SSLCertificateChainFile /etc/ssl/certs/wildcard_chain.crt
    ErrorLog ${APACHE_LOG_DIR}/app_error.log
    CustomLog ${APACHE_LOG_DIR}/app_access.log vhost_combined
    Redirect permanent / https://customers-domain.com        
</VirtualHost>
<VirtualHost *:80>
    ServerName www.customers-domain.com
    ServerAlias www.customers-domain.biz
    Redirect permanent / https://customers-domain.com/
    ErrorLog ${APACHE_LOG_DIR}/app_error.log
    CustomLog ${APACHE_LOG_DIR}/app_access.log vhost_combined
</VirtualHost>

I don't understand why a request to https://my.domain.com is catched by 02-app-customer.conf and not by 99-default.conf. Any ideas?