SNI and https problems

Hi all,

Our servers are configured to let SNI work, we like to have different https certificates on our main server IP adress.
Problem: one domain has https, other domains who do not have a certificate but try to set https://domain etc getting a wrong certificate error in the browser, the certificate from the https customer does appear as certificate for other non https domains on the same IP.

We like to know if there is a clear guide which we can use to configure our servers the right way so we can:

• use multiple certificates on one server IP
• we don't have problems with wrong certificate names on non https domains
• use the posibilities SNI gives us

We use CentOs 6.7 + and recent apache and php versions.

Who knows the answer?

 

I maybe found it but have a question, here: Manage SSL Hosts - Documentation - cPanel Documentation

In the part SNI for Mail Services there is a setting that mentions Is Web SNI Required?
For the domains that do have a certificate atm this should be enabled but it appears as disabled while on SNI enabled servers this should be active. Maybe the lack of using the right setting here is the couse of the ssl/non ssl problem.

Question: how do i enable Is Web SNI Required? on a Installed SSL Host? I can't edit any, any help would be welcome

Another setting i found:
Is Primary Website on IP Address? Says Yes on the installed host but imho it should be no here because it's just one of the domains on this server

So two options:

• Is Primary Website on IP Address = Yes (should be no?)
• Is Web SNI Required? = No (should be yes?)