[BlueOnyx:23931] Re: 5209R automatic Let's Encrypt renew - webalias redirect turns off and not on again

Tobias Gablunsky t.gablunsky at cbxnet.de
Wed Jun 3 04:50:59 -05 2020 

Plus one from me: we also had a site where "Web Alias Redirects" was set after the renewal of the LE cert although it wasn't set before. The patched base-ssl had already been installed (5209).

Thanks for looking into this again,
Tobias

-----Original Message-----
From: Blueonyx <blueonyx-bounces at mail.blueonyx.it> On Behalf Of Dirk Estenfeld
Sent: Tuesday, June 2, 2020 1:21 PM
To: BlueOnyx General Mailing List <blueonyx at mail.blueonyx.it>
Subject: [BlueOnyx:23927] Re: 5209R automatic Let's Encrypt renew - webalias redirect turns off and not on again

Hello Michael,

this detection and the setting of the internal marker does not yet seem to be 100% reliable. I have some customers, where the redirect is set after the renewal, although it was not set before. The website does not work after renewal with "too many redirects" message in the browser.
Could you please check again if the "Web Alias Redirects" is set and set the following one again or not?

Thank you and best regards,
Dirk

 
 
blackpoint GmbH – Friedberger Straße 106b – 61118 Bad Vilbel 

-----Ursprüngliche Nachricht-----
Von: Blueonyx <blueonyx-bounces at mail.blueonyx.it> Im Auftrag von Michael Stauber
Gesendet: Freitag, 24. April 2020 17:12
An: blueonyx at mail.blueonyx.it
Betreff: [BlueOnyx:23802] Re: 5209R automatic Let's Encrypt renew - webalias redirect turns off and not on again

Hi Dick,

> Can you confirm that this only happens if Web Alias Redirects was 
> enabled
in the first place? 

In order for this to happen the SSL certificate must have been requested not only for the FQDN, but also for web server aliases. If that was the case, then "Web Server Alias redirects" used to get turned off.

If it is now getting turned off, we set an internal marker from '0' to '1'.
At the end of the transaction we check the state of this marker. If the marker is '1', we set "Web Server Alias redirects" back to '1'.

So yes: This only happens if "Web Server Alias redirects" was enabled in first place *and* the LE SSL certificate was requested for the FQDN and at least one alias.

--
With best regards

Michael Stauber
_______________________________________________
Blueonyx mailing list
Blueonyx at mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx

More information about the Blueonyx mailing list