Disable http to https redirect for Let's Encrypt Cert

Good morning,

I am playing with a new NS install trying to implement the built in LE platform. Every request is failing though I know port 80 is open and reachable. I’ve noticed that every time I navigate to my NS host IP address it is automatically redirecting my browser to Https and what I suspect is causing my hang-up. Is there a way to disable this?

Hi Royce

This is standard behaviour on NS7.9, but does not affect LetsEncrypt from verifing the http - It repsonds with a redirect, that’s enough!..

I’ve never had an issue due to the built in redirect.

My 2 cents
Andy

PS:

If you want, PM me the domain and I’ll verify it opens with http (If it can redirect me, it IS responding to a http query!).

Thank you for the quick reply Andy,

I can confirm I am getting the auto-redirect for my domain when I enter it in the URL - IE- http://ns.domain.com is getting redirected to https://ns.domain.com on the public internet. Same public IP on a different production NS server does allow for successful LE certs & renewal (this is my temporary work around for a cert renewal/export to new NS box). Both NS installs are up to date while my production NS box does not auto-forward to https while the new install does and hence why I mentioned it above.

You CAN set the behaviour eg for vhosts, but AFAIK not for the default host.
However, I can confirm that as of two weeks ago, this was working on new NS even with redirect active…

My 2 cents
Andy

Good morning,

I believe I have isolated the issue to the SOGo mail client with the Make SOGo reachable only from this domain (FQDN) when trying to request the certificate (see below). When this field is populated NS start to redirect everything from http to https and the certificate challenge fails.

When this field is removed, the auto redirect to https goes away and the certificate is issued as expected:

I can’t find anything in the documentation so far on this. Could it possibly be a bug?

1 Like