[BlueOnyx:23794] Re: 5209R automatic Let's Encrypt renew - webalias redirect turns off and not on again
Michael Stauber
mstauber at blueonyx.it
Wed Apr 22 12:12:31 -05 2020
Hi Dirk,
> a customer with 5209R servers complained that the check mark "Web Alias
> redirects" disappears when automatically renewing a Let's Encrypt
> certificate and is not automatically set again after the automatic
> renew. The customer has to go through the pages manually and set the
> hook again. I could also see it on another server of an other customer.
>
> This is not good.
This behavior is exactly as intended and as necessary.
During the domain validation Let's Encrypt must connect not only to
FQDN/.well-known/... but also to each and any of the Web Server Aliases
in the same manner in order to ckeck if you have ownership of the domain
in question.
If "Web Alias redirects" is enabled, the Let's Encrypt validation fails
hard due to the redirect.
For that reason each run of Let's Encrypt for a Vsite (initial cert
request or renewal) will check the state of "Web Alias redirects" and
will disable it as needed.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list