Hello HTF Friends, Setup : Multi-server OS : Ubuntu 18.0.4 Server type : Nginx Databse : mySql Services : postfix, dovecot I had a redirect setup for my control panel server to redirect HTTP connections to HTTPS but it is no longer supported due to the acme-999.vhost using the control panel's FDQN name on port 80. Has anyone managed to find a workaround or anyone have any alternative methods on keeping a redirect? Cheers, Jeremy
Please describe how you did the redirect of your ISPConfig panel from http to https as it is still working fine on mine.
I use a 301 redirect on port 80 Code: server{ listen 80; listen [::]:80; server_name panel.mysite.com www.panel.mysite.com; return 301 https://panel.mysite.com.com$request_uri; }
Add ":8080" before $request_uri, test nginx and restart it if everything is ok. NB: Use other port that you are using for your ISPConfig panel if you use other than default port 8080.
Then yours should work in theory. However looking back at your code, try remove the secondary .com in there and try changing to *:80 instead.
Though mine works, I noted yours doesn't, but I am not sure that removal of 999-acme.vhost will let your server LE certs automatic renewal works in the future. For now, I think the best is to modify it instead and keep a copy of your modification in conf-custom (and conf-custom/install) so that in won't be overwritten in the future ISPConfig update. On how to modify, I think it should be the same as any other vhost for websites and since you have created its website, may be a copy of the same would suffice.
Exactly, if i disable the 999-acme, LE will no longer work properly. Strange that yours work, kind of defies NGINX. Are you on NGINX? Does your file include the FDQN of the server?
Of course mine is nginx web server but in mine I redirected all non-existing website fqdn on my server (error 403) to its hostname fqdn at port 443 via default.vhost (or 000-000 in sites-enabled). I did not touch 999-acme.vhost. And I used dns-challenge to obtain LE certs for my server hostname fqdn in advance and I modified its renewal conf to add ISPConfig default script for automatic creation and renewal of ispserver.pem and its extension to other services. Thus, I think my nginx web server config is not really a good sample for you to follow.