About letsencrypt ssl

Discussion in 'Installation/Configuration' started by Nishant patel, Apr 2, 2019.

  1. Nishant patel

    Nishant patel New Member

    Hello,
    I am using Ubuntu 18.04 server.
    I have created so many portals in ispconfig.
    But my problem is when I have apply letsencrypt ssl in one portal then that auto redirect on other portal,
    EX.
    apply ssl on this portal ==> test.domain.com
    redirect test.domain.com ===> test2.domain.com

    This is big issue form me.
    So please guide me to solve this provlem.
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    You have to ensure that all websites on the same IP have SSL enabled. If that's not the case, then a domain without ssl will show the content of the first site which has SSL enabled. That's not ispconfig specific btw. , its the default behaviour of any apache or nginx server.
     
  3. Nishant patel

    Nishant patel New Member

    Hello,
    Thank you for reply.
    Ok. So tell me how to change default behaviour of any apache or nginx server?
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    It might also be that you did not get a Let's encrypt SSL cert. Does the Let's encrypt checkbox stay checked when you go back to the website settings after a few minutes?
     
  5. Nishant patel

    Nishant patel New Member

    Yes.
    But ssl is not apply proper on website, that time they redirect on my first website.
    And I want to stop that redirect.
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    This is no redirect, if there is no matching vhost for a request, then apach must show the first vhost it finds on that IP. I posted the solution already in #2 of this thread. Youz must activate SSL for all websites that are on the same IP address. if you want to have websites without SSL, use a different IP address for them.

    There are alternative solutions like a default ssl vhost to catch requests when there is no vhost configured for them, but users would get an ssl error about wrong ssl cert when you use that solution, so I recommend what I suggested in #2.
     

Share This Page