Eric, you’re the man with a plan! 
Ok, that’s helped me start to unpick this. I didn’t realise before that this error might be occurring because of a duplicate certificate on one domain (or sub-server); instead, I thought it was related to the entire Apache configuration.
So, to investigate, I SSH’d in to the server and went to /etc/apache2/sites-enabled/ and then did a ‘grep -i SSL *’
As you would expect, returned was the list of files containing SSL certs. One of them caught my attention, because I’d just switched off the SSL option in Virtualmin for that sub-server. This particular sub-server’s Apache config file contained the following, right at the bottom:
SSLCertificateFile /home//ssl.cert
SSLCertificateKeyFile /home//ssl.key
SSLCACertificateFile /home//ssl.ca
SSLEngine on
…just before the closing tag.
So, the question is how did it get there? :-S
What I think happened was that I set up the main virtual server first, but initially without SSL. The sub-servers were already created, and I have a hunch I had already enabled SSL them too, before enabling it on the top-level server. Then I enabled SSL on the top-level virtual server, and uploaded my wildcard certificate.
Because of this approach, I was in some doubt that the certificate on one of the sub-servers was valid (was the wildcard cert), so in Virtualmin I went to that sub-server > Server Configuration > Manage SSL Certificate and used the form (in the ‘Update Certificate and Key’ tab) to point this sub-server’s SSL settings to the top-level server’s certificate files.
Having just retraced these steps and removed the spurious entry in the sub-server conf file, I can now see that going to a sub-server’s ‘Manage SSL Certificate’ page brings up the message “This virtual server shares its SSL certificate with warpuni.com, so it cannot be edited on this page…”. However, this message wasn’t there for me the first time around, so I’m wondering if perhaps I’ve uncovered a rather obscure workflow bug somewhere?
Cheers,
Steve
