Let's enrypt strange certificate

Discussion in 'Installation/Configuration' started by nicolasOW, Oct 17, 2016.

  1. nicolasOW

    nicolasOW New Member

    Hi all!
    I'm using ISPConfig 3.1 with Let's encrypt support under last Debian 8 version
    For several sites I want to use a let's encrypt certificate. So i tick the let's encrypt checkbox. The certificate seems to be generated successfully (no error messages in debug logs) but when I go to the website there is no automatic redirection to https version. If I manually add https in URL the website is accessible and the browser don't warn me about wrong certificate but says "You connection is private but someone connected on the network can modify site appearance". And when I inspect the certificate my browser says that the certificate is valid but mark the page as insecure (see capture below)
    When I use let's encrypt directly whit certbot command and paste result in ISPconfig (SSL tab) I don't have this problem

    Thanks for you help
  2. sjau

    sjau Local Meanie Moderator

    "Mixed Content": Your html sites loads content from non-ssl sites. Hence you get a warning. With HSTS it wouldn't even load. You need to fix your html.
  3. nicolasOW

    nicolasOW New Member

    Thanks, I've found it also.
    But I always have the problem of no automatic redirection to HTTPS version, I need to add a Nginx rule to do that. When I use the SSL tab to add my certificate I haven't this problem.
    Any clues?
  4. sjau

    sjau Local Meanie Moderator

    By default, ISPC will be available on both - hence offering the best compatible option.
    However, you can force nginx to redirect everything to https. Have a look here: https://bjornjohansen.no/redirect-to-https-with-nginx

    Looks like there's just a few line of codes needed in the nginx config and then it's applied for every domain.1

Share This Page