After recently upgrading Apache2 to version 2.2.31 I found a strange behaviour in SSL VirtualHost setup.
A few of the website I'm hosting were showing the certificate for the default host even if the client was Server Name Identification aware, and this happened only with a few of them. This shows as the common Firefox's/Chrome's passport-warning about you being possibly scammed if you're browsing your home banking, but that simply was not the case.
To be clear, if server host.hostingdomain.org has its own SSL, attempting to access https://www.hostedsite.org reports certificate for host.hostingdomain.org, but a few https://www.hostedsite.me reported the correct certificate.
All sites are hosted on the same IP address, on port 443. The truth is that VirtualHosting works on the HTTP side and redirects SNI-aware clients to SSL automatically, so it's backward compatible with SNI-unaware clients.
Examining error logs for the offending VirtualHosts shown the following text
[Tue Dec 25 16:02:45 2012] [error] Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile] (/path/to/www.site.org.conf:20)
and in fact the vhost was correctly configured with SSLCertificateFile.
The question is obvious: how to fix that?
It happens that it could be a bug in the most recent version of Apache.
Solution 1: downgrade to the latest stable
Solution 2: edit
listen.confReplace
Listen *:443(orListen 443according to your setup) withListen *:443 httpCredit
I had the same exact problem, and what worked for me was unbelievably simple
edit /etc/apache2/ports.conf (for ubuntu, or httpd.conf )
change "Listen 443" to "Listen 443 http" under ssl_module
Another solution for this is to ensure that all of your :443 vhosts include the TLS configuration.
This problem was recently introduced in Debian wheezy and I got the solution from http://blog.noizeramp.com/2010/10/03/apache-2-and-ssl-configuration/.