
Strange behaviour on https

Posted: Thu Dec 28, 2017 9:51 am
by kobo1d
Hello!

OK, so I have a problem on my VESTACP setup. I'm using Apache as frontend and Nginx as backend server.
And I have a mix of multiple domains and packages. Some have SSL active and some do not.

Now when I use https and http on an SSL-enabled domain, it works like it should.

But if I use https in front of an SSL-disabled domain, the address falls back to the very first domain I added (master).
So if I enter, e.g., https://www.mycustomer.com, it will forward to https://www.myhostingcompany.com
Of course all domains are on the same IP and myhostingcompany.com is kinda the "root website".

Any ideas please?!

Re: Strange behaviour on https

Posted: Wed Jan 03, 2018 7:49 pm
by SS88
https://www.myhostingcompany.com is the first include (or one of the first includes) above everyone else in your Apache/nginx file, that's why it's loading that first - and because you have a redirect from X -> https://www.myhostingcompany.com that's what's happening.

To fix, you need to enable SSL on the SSL-Disabled domain name and then SSL will return invalid.
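
The fallback described in this thread, as an added example that is not part of the original posts: a small audit that reads nginx-style server blocks and lists every name that has an HTTP vhost but no TLS vhost, together with the TLS vhost that would answer for it. It assumes nginx terminates TLS and treats the first server block on an address:port as the default unless one is marked default_server; the config text, the 203.0.113.10 address, shop.example and the function names are constructed for illustration, and wildcard server names are not handled.

```python
import re

# Constructed sample config: three sites on one IP, only two with a TLS vhost.
SAMPLE_CONF = """
server { listen 203.0.113.10:80;  server_name myhostingcompany.com www.myhostingcompany.com; }
server {
    listen 203.0.113.10:443 ssl;
    server_name myhostingcompany.com www.myhostingcompany.com;
    location / { proxy_pass http://127.0.0.1:8080; }
}
server { listen 203.0.113.10:80;  server_name shop.example; }
server { listen 203.0.113.10:443 ssl; server_name shop.example; }
server { listen 203.0.113.10:80;  server_name mycustomer.com www.mycustomer.com; }
"""

def server_blocks(conf):
    """Yield the body of every `server { ... }` block, matching nested braces."""
    for m in re.finditer(r"\bserver\s*\{", conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield conf[m.end():i - 1]

def https_fallbacks(conf, tls_port="443"):
    """Map each HTTP-only name to the TLS vhost that would answer https:// for it."""
    tls, plain = {}, []          # tls: ip -> {"default": names, "names": set}
    for body in server_blocks(conf):
        m = re.search(r"\bserver_name\s+([^;]+);", body)
        names = m.group(1).split() if m else []
        for listen in re.findall(r"\blisten\s+([^;]+);", body):
            addr, *flags = listen.split()
            ip, _, port = addr.rpartition(":")
            if port != tls_port:
                plain.append((ip, names))
                continue
            # First block seen for this address is the default unless one is flagged.
            slot = tls.setdefault(ip, {"default": names, "names": set()})
            if "default_server" in flags:
                slot["default"] = names
            slot["names"].update(names)
    found = {}
    for ip, names in plain:
        slot = tls.get(ip)
        for name in names if slot else []:
            if name not in slot["names"]:
                found[name] = slot["default"][0] if slot["default"] else "(unnamed)"
    return found

if __name__ == "__main__":
    for name, default in https_fallbacks(SAMPLE_CONF).items():
        print(f"https://{name} is answered by the vhost for {default}")
```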

Re: Strange behaviour on https

Posted: Thu Jan 04, 2018 11:07 pm
by kobo1d
Thanks for your reply!
"To fix, you need to enable SSL on the SSL-Disabled domain name and then SSL will return invalid."
I can't do that, because the SSL part can't be empty in VESTA, or it will return an error.

But from what I understand, you are saying that it's normal behaviour that I get this SSL error (translated):

The Hostname does not match this Websites name "DLG_FLAGS_SEC_CERT_CN_INVALID"

Because I thought that in this case there would be just a kind of "connection aborted" error when trying to reach something which is disabled, instead of throwing that SSL error and then going to the root site if one clicks "continue anyway".

Re: Strange behaviour on https

Posted: Thu Jan 04, 2018 11:17 pm
by SS88
You could generate a Let's Encrypt SSL certificate for that website and leave it at that?

SSL is highly advised now. Chrome is reporting websites that don't have it as insecure if they contain a login form. I imagine in a few months, Chrome will notify the user that the website is insecure even if it doesn't have that form on. Google wants all websites to run on HTTPS now.