Inconsistent generation of VirtualHost SSL directive for new vhost causes Apache to stop serving existing vhosts

An issue with using Virtualmin to create name-based virtual hosts with SSL support enabled causes Apache to stop serving all other vhosts. The issue is caused by the way Virtualmin generates new VirtualHost directives in the vhost config file. When creating a new virtual host with SSL support enabled, Virtualmin generates two dissimilar VirtualHost directives:
<VirtualHost *:80>…
<VirtualHost 0.0.0.0:443>…

Note: 0.0.0.0 denotes the real IP address of the web server as detected by Virtualmin

When these directives are written to the new .conf file and Apache is reloaded, the <VirtualHost 0.0.0.0:443> directive takes precedence over all existing <VirtualHost *:443> directives and Apache stops being able to serve the other vhosts.

The issue can be fixed by manually editing the newly created .conf file, changing 0.0.0.0:443 to *:443 and reloading Apache, but this is not a good solution for a production website where there could be dozens or hundreds of vhosts. I do not see any setting in Virtualmin > System Settings > Server Templates > Apache website that could change this behavior for future vhost generation.

One could argue whether a *:port is better or not than an ip-address:port setting, but the point of the matter is that Virtualmin is inconsistent here. If it generates a *:80 setting, it should also generate a matching *:443; if the IP address is used, both settings should include that IP address and the wildcard should not be used.

I guess I could edit all existing .conf files and switch from a *:80/*:443 to ipaddress:80/ipaddress:443 to avoid downtime in the future but do I have to? Has anybody else had the same problem? Is that behaviour a feature or a bug?

Ivan

Are you sure you want this post to be private? It means only me and Eric will ever see it, which virtually guarantees it’ll take longer to get a reply. I’d recommend only marking things private if you’re including sensitive information.

We don’t recommend using wildcard IP like this. But, the behavior you’re seeing is somewhat bug-like; I bet it’s related to the fact that historically you couldn’t host multiple SSL domains on a single IP, and so using a wildcard was an undefined behavior for SSL sites. I guess that’s no longer true, since Apache (and Virtualmin) supports name-based SSL hosts.

If it’s reproducible, file a ticket in the tracker about it with the steps needed to reproduce the problem, and it’ll likely get fixed in the next release.
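A check for the mismatch described in the first post, added here as an example and not taken from Virtualmin or from either poster: it scans vhost config text and reports every port that has both wildcard and address-specific `<VirtualHost>` blocks, which is the condition under which the address-specific block takes precedence. The file names, server names and the address 192.0.2.10 are constructed sample values.

```python
import re
from collections import defaultdict

# Opening tag of a vhost block, e.g. <VirtualHost *:80> or <VirtualHost 192.0.2.10:443>
VHOST_RE = re.compile(r"^\s*<VirtualHost\s+([^>]+)>", re.IGNORECASE | re.MULTILINE)
SERVERNAME_RE = re.compile(r"^\s*ServerName\s+(\S+)", re.IGNORECASE | re.MULTILINE)
WILDCARDS = {"*", "_default_"}

def split_addr(token):
    """Split 'addr:port' (IPv6 in brackets) into (addr, port); port is '*' if absent."""
    if token.startswith("["):
        addr, _, rest = token.partition("]")
        return addr + "]", rest.lstrip(":") or "*"
    addr, sep, port = token.rpartition(":")
    return (addr, port) if sep else (token, "*")

def find_mixed_ports(configs):
    """configs: {filename: text}. Return {port: {"wildcard": [...], "specific": [...]}}
    for every port that has both wildcard and address-specific vhosts."""
    by_port = defaultdict(lambda: {"wildcard": [], "specific": []})
    for fname, text in configs.items():
        matches = list(VHOST_RE.finditer(text))
        for i, m in enumerate(matches):
            end = matches[i + 1].start() if i + 1 < len(matches) else len(text)
            sn = SERVERNAME_RE.search(text, m.end(), end)
            name = sn.group(1) if sn else "(no ServerName)"
            for token in m.group(1).split():
                addr, port = split_addr(token)
                kind = "wildcard" if addr in WILDCARDS else "specific"
                by_port[port][kind].append((fname, name, token))
    return {p: v for p, v in by_port.items() if v["wildcard"] and v["specific"]}

# Constructed sample input: an existing wildcard site plus a newly generated file in
# the shape described in the post (192.0.2.10 stands in for the server's real IP).
SAMPLE = {
    "old-site.conf": "<VirtualHost *:80>\nServerName old.example\n</VirtualHost>\n"
                     "<VirtualHost *:443>\nServerName old.example\n</VirtualHost>\n",
    "new-site.conf": "<VirtualHost *:80>\nServerName new.example\n</VirtualHost>\n"
                     "<VirtualHost 192.0.2.10:443>\nServerName new.example\n</VirtualHost>\n",
}

if __name__ == "__main__":
    for port, groups in find_mixed_ports(SAMPLE).items():
        print(f"port {port}: mixed wildcard and address-specific vhosts")
        for kind in ("specific", "wildcard"):
            for fname, name, token in groups[kind]:
                print(f"  {kind:9} {token:20} {name} ({fname})")
```

Running it against the real config files before reloading Apache shows which existing wildcard vhosts would be shadowed, and its output can go into the tracker ticket as the reproduction.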