Why does HTTPS show the website of a different domain?

Question

Why does HTTPS show the website of a different domain?

Answer

When visiting a domain using https, Apache will serve the top matching Virtual Host with the matching IP address. If there is no existing Virtual Host for the requested domain, the Apache service will instead return the first one in the configuration for that IP address. An HTTPS Virtual Host is not created for a domain until it has an SSL certificate installed.

The first time you install an SSL on the Shared Virtual Host IP for the server, that domain will be the default SSL. The default SSL feature is designed to allow control over how the Apache web service handles these requests.

After multiple certificates have been installed, the setting to select which Virtual Host you want as the default will appear in the WHM interface Manage SSL Hosts. This is represented by the Make Primary link next to all other certificates on the Shared Virtual Host IP.

For additional information regarding this feature and its interface, see the following documentation.

Manage SSL Hosts