so, I have generated a certificate by letsencrypt that covers at leat www.domain.tld, wiki.domain.tld and nextcloud.domain.tld.
The certificate seems to be OK: the 3 subdomains are displayed with the green lock.
I noticed that after this, I get the behavior of the beginning: wiki.domain.tld and nextcloud.domain.tld are OK but www.domain.tld redirects to www.domain.tld/doku.php and dokuwiki is displayed.
zzz-dokuwiki.conf is still present and contains “IncludeOptional conf.d/default-virtualhost.inc”
“config show tls-policy” is empty (=no displayed parameters) and I tried with default policy and 20180330.
/var/log/httpd/ssl_error_log is clean since the certificate of letsencrypt:
[Fri Jun 01 21:19:27.094859 2018] [ssl:warn] [pid 8736] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
After a “systemctl restart httpd” /var/log/httpd/error_log gives:
[Fri Jun 01 22:43:35.187965 2018] [mpm_prefork:notice] [pid 3296] AH00170: caught SIGWINCH, shutting down gracefully [Fri Jun 01 22:43:36.436480 2018] [suexec:notice] [pid 3420] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Fri Jun 01 22:43:36.443660 2018] [ssl:warn] [pid 3420] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366) [Fri Jun 01 22:43:36.590910 2018] [auth_digest:notice] [pid 3420] AH01757: generating secret for digest authentication ...
[Fri Jun 01 22:43:36.692540 2018] [core:notice] [pid 3420] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND' [Fri Jun 01 22:43:36.592586 2018] [lbmethod_heartbeat:notice] [pid 3420] AH02282: No slotmem from mod_heartmonitor [Fri Jun 01 22:43:36.599744 2018] [ssl:warn] [pid 3420] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Fri Jun 01 22:43:36.692436 2018] [mpm_prefork:notice] [pid 3420] AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 configured -- resuming normal operations
what do you think?