by default, the ssl settings in: /etc/httpd/conf.d/ssl.conf
override the corresponding block in: /etc/httpd/conf/httpd.conf
When using AWS you need to edit ssl.conf
"The certificate is only valid for ip-###-##-#-##"
credit due here: Cannot setup SSL keys on my apache server in AWS EC2