I'm trying to set up a self-signed SSL certificate between my own VPS and Cloudflare (next to Full SSL). I'm using the following VirtualHosts for this:
<VirtualHost *:80>
ServerName domain.com
Redirect permanent / https://www.domain.com/
</VirtualHost>
<VirtualHost *:443>
ServerName www.domain.com
DocumentRoot /var/www/public/www
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
</VirtualHost>
But whenever I try to access domain.com it returns a 403 Forbidden and I get the following error in my apache2 logs:
[Fri Jan 30 00:19:23 2015] [error] [client (ip)] Directory index forbidden by Options directive: /var/www/public/
Meaning it tries to access the default DocumentRoot as set in apache2.conf:
ServerAdmin server@domain.com
DocumentRoot /var/www/public
Note that it does work when I change the port of the second VirtualHost to 80 and comment the 3 lines about SSL.
So my question is: why is not using the DocumentRoot that I specified in the VirtualHost (*:433)?
EDIT
When I pause Cloudflare and go to https://www.domain.com I can access it (of course with a warning because the certificate is self-signed). So maybe it has something to do with Cloudflare?
Best Answer
My guess is that you have to enable NameVirtualHost for the SSL port.
It can be done by editing the file /etc/apache2/ports.conf.
There you can see the configuration for port 80:
You can also see the IFmodule mod_ssl.c tags.
By default there should only be "Listen 443" inside the tags and you just have to add "NameVirtualHost *:443" above the "Listen 443" line. I believe this should fix your issue.
Apparently I don't have the reputation to post images, so here you go: http://i.imgur.com/vGCEAGb.png
EDIT: Don't forget to restart Apache.