[BlueOnyx:24235] Re: 5209R logins
Michael Stauber
mstauber at blueonyx.it
Sun Aug 30 23:16:51 -05 2020
Hi Ernie,
> If I go to http://sitename.xxx/login the browser redirects to
> https://sitename.xxx:444/login and I get an " Error code:
> SSL_ERROR_RX_RECORD_TOO_LONG" in Firefox and a Safari can't open the page.
Recall that port 444 is HTTP and 81 is HTTPS. So it is either ...
http://sitename.xxx:444/login
... or ...
https://sitename.xxx:81/login
> If I try https://sitename.xxx:81/login I get:
>
> "This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate."
>
> Because the browser sees the Letsencrypt certificate for the server and not
> the Letsencrypt certificate for the site.
>
> Any idea what's going on here?
The only SSL certificate the GUI uses is the server's SSL certificate.
NOT any Vsite certificate.
So you need to connect to https://<server-name>:81/login
Then and once you are logged in to the GUI, go to "Server Management" /
"Maintenance" / "Server Desktop".
In the pulldown for "GUI access protocols" select "HTTPS only" and tick
the checkbox for "Redirect to Server-Name".
That way, if someone in the future uses ...
http://sitename.xxx:444/login
... or ...
https://sitename.xxx:81/login
... it'll automatically redirect to https://<server-name>:81/login
That solves the Vsite HSTS GUI access issue.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list