Recently I was stuck in a situation where a vulnerability scan was failing because of an expired SSL certificate. The failing certificate did not belong to any VirtualHost, which means that some vhost had mistakenly been configured with the wrong SSL certificate, one that did not belong to it. The server had hundreds of Apache virtual hosts.
When there are multiple vhosts, Apache follows a sequence: first it serves the vhosts whose names start with numbers, then the vhosts whose names start with letters, in alphabetical order.
In my case neither was working, so I had to search through them one by one, which was a lengthy process. Luckily I found this command:
root@server:/home/user# apache2ctl -S
VirtualHost configuration:
*:80 is a NameVirtualHost
    default server FIRSTDOMAIN.COM (/etc/apache2/sites-enabled/FIRSTDOMAIN.COM.conf:1)
    port 80 namevhost FIRSTDOMAIN.COM (/etc/apache2/sites-enabled/FIRSTDOMAIN.COM.conf:1)
        alias www.FIRSTDOMAIN.COM
    port 80 namevhost SECONDDOMAIN.com (/etc/apache2/sites-enabled/SECONDDOMAIN.conf:1)
        alias www.SECONDDOMAIN.com
. . .
*:443 is a NameVirtualHost
    default server FIRSTDOMAIN.com (/etc/apache2/sites-enabled/FIRSTDOMAIN.com.conf:35)
    port 443 namevhost FIRSTDOMAIN.com (/etc/apache2/sites-enabled/FIRSTDOMAIN.com.conf:35)
        alias www.FIRSTDOMAIN.com
    port 443 namevhost SECONDDOMAIN.com (/etc/apache2/sites-enabled/SECONDDOMAIN.com.conf:35)
        alias www.SECONDDOMAIN.com
The output will be in the above format. First it lists the default vhost being served on port 80, then it lists all the vhosts being served, in naming sequence.
Next it shows the vhosts being served on port 443, in the same sequence as explained above.
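To avoid checking hundreds of vhosts by hand, the listing above can be fed to a small script that looks up the certificate each port-443 vhost references and tests its expiry. This is an added example, not part of the original post; the function names are hypothetical, and it assumes each SSLCertificateFile directive sits directly in the config file that apache2ctl -S reports (not in an Include) and that paths contain no spaces.

```shell
#!/bin/sh
# Added example: map port-443 vhosts from `apache2ctl -S` to their certificates
# and report which certificate files have expired. Function names are hypothetical.

# Read `apache2ctl -S` output on stdin; print "name<TAB>config-file" per 443 vhost.
list_ssl_vhosts() {
    awk '
        $1 == "port" && $2 == "443" && $3 == "namevhost" {
            path = $5
            gsub(/^[(]|[)]$/, "", path)   # strip the surrounding parentheses
            sub(/:[0-9]+$/, "", path)     # drop the ":line" suffix
            print $4 "\t" path
        }'
}

# Print every certificate path named by an SSLCertificateFile directive in file $1.
cert_paths() {
    awk 'tolower($1) == "sslcertificatefile" { gsub(/"/, "", $2); print $2 }' "$1"
}

# Read `apache2ctl -S` output on stdin; print one line per vhost/certificate pair:
# STATUS<TAB>vhost<TAB>config-file<TAB>certificate, STATUS = ok | EXPIRED | UNREADABLE.
audit_ssl_vhosts() {
    list_ssl_vhosts | sort -u | while read -r name conf; do
        for cert in $(cert_paths "$conf"); do
            if [ ! -r "$cert" ]; then
                status="UNREADABLE"
            # -checkend 0 exits 0 only if the certificate is still valid right now
            elif openssl x509 -in "$cert" -noout -checkend 0 >/dev/null 2>&1; then
                status="ok"
            else
                status="EXPIRED"
            fi
            printf '%s\t%s\t%s\t%s\n' "$status" "$name" "$conf" "$cert"
        done
    done
}

# Typical use on the server (run as root so the certificate files are readable):
#   apache2ctl -S 2>&1 | audit_ssl_vhosts | grep -v '^ok'
```

If a config file holds more than one port-443 vhost, every certificate in that file is listed against each of its vhost names, so confirm the exact block using the line number that apache2ctl -S prints.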
Hope this helps with troubleshooting.