SSLCertificateFile conf/ssl/default.pem SSLCertificateKeyFile conf/ssl/default.pem <Location /> SSLCertificateFile conf/ssl/specific.pem SSLCertificateKeyFile conf/ssl/specific.pem </Location> We expect specific.pem to be used. If both certificates are RSA or ECC, that's what happens. If default.pem is ECC and specific.pem is RSA, default.pem wins! This is abnormal and very perturbating when trying to figure out what happens.