I have been reviewing the other posts regarding the issue, but I am having some trouble understanding them, since I've tried implementing it but am still not able to figure it out.

I have 2 servers.

The main server hosts domain server1.com

The 2nd server hosts domain server2.com

I set up a CNAME for sub.server1.com => sub.server2.com

When I go to https://sub.server2.com it works because I set up an SSL certificate on server2.com (even though it is only a self-signed certificate).

But I can't set up a certificate for sub.server1.com because it's not hosted on server1.com, it is a CNAME to server2.com. Well, I installed an SSL certificate on Server2. However, when I go to https://sub.server1.com I get a Not Found error, whereas https://sub.server2.com works fine.

First question, did I set the SSL certificate on the correct server for the CNAME?

Second, how come it works directly using SSL (https://sub.server2.com), but is not found when I try through a CNAME (https://sub.server1.com)?

Third, how do I get the SSL to work on the CNAME (https://sub.server1.com)?


SSL certificates are assigned to a hostname/domain name, not a particular machine, and CNAME records are no different in this respect from A records. In your case, the certificate for sub.server1.com must be installed on the Server2 machine since it will be answering requests for that name.

Assuming that the "not found" error is a 404, you may want to verify that sub.server1.com is working on Server2 without SSL (http://sub.server1.com). Once that is verified, duplicate the process and configuration you used to set up SSL for sub.server2.com on the sub.server1.com domain (with a new certificate issued to sub.server1.com).
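
The two failure modes discussed above, as an added example that is not part of the original answer: the client checks the certificate against the name that was typed, never the CNAME target, and the server picks a site by that same name. The `diagnose` function and its `vhosts` table are a hypothetical, simplified model of name-based hosting on Server2 (not any particular web server's configuration), and the certificates are constructed sample data.

```python
# Added example: why the certificate must name sub.server1.com even though
# DNS sends that name to Server2 via a CNAME. All data below is constructed.

def cert_names(cert):
    """DNS names a certificate is valid for (dict shaped like getpeercert())."""
    sans = [v.lower() for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans  # when SAN dNSName entries exist, the CN is ignored
    # Legacy fallback: use the subject commonName only if there is no SAN.
    return [v.lower() for rdn in cert.get("subject", ())
            for k, v in rdn if k == "commonName"]

def name_matches(hostname, pattern):
    """RFC 6125 style: '*' only as the whole leftmost label, one label deep."""
    host = hostname.lower().rstrip(".").split(".")
    pat = pattern.lower().rstrip(".").split(".")
    if len(host) != len(pat):
        return False
    if pat[0] == "*" and len(pat) > 2:
        return host[1:] == pat[1:]
    return host == pat

def cert_covers(hostname, cert):
    return any(name_matches(hostname, p) for p in cert_names(cert))

def diagnose(typed_name, vhosts):
    """vhosts: hypothetical model of Server2's sites, name -> certificate."""
    # The browser sends the typed name (SNI / Host header), not the CNAME target.
    if typed_name not in vhosts:
        return "no site configured for this name (expect 404 or a default site)"
    names = cert_names(vhosts[typed_name])
    if not cert_covers(typed_name, vhosts[typed_name]):
        return "site answers, but certificate is for " + ", ".join(names)
    return "ok"

# Constructed certificates in the shape returned by ssl.SSLSocket.getpeercert()
CERT_SERVER2 = {"subject": ((("commonName", "sub.server2.com"),),),
                "subjectAltName": (("DNS", "sub.server2.com"),)}
CERT_SERVER1 = {"subject": ((("commonName", "sub.server1.com"),),),
                "subjectAltName": (("DNS", "sub.server1.com"),)}

if __name__ == "__main__":
    before = {"sub.server2.com": CERT_SERVER2}
    reused = {**before, "sub.server1.com": CERT_SERVER2}
    fixed = {**before, "sub.server1.com": CERT_SERVER1}
    for label, table in (("before", before), ("reused", reused), ("fixed", fixed)):
        print(label, "->", diagnose("sub.server1.com", table))
```
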