• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question SSL It! - SSL/TLS for redirects domains?

H

HansMeier52

New Pleskian
Can Obsidian handle SSL/TLS (Let's Encrypt) for redirects domains now?
Should not be so hard to use mod_rewrite and exclude .well-known/acme-challenge for the redirect.
 
One of the most mystical questions that we never solved: Why would anyone want to equip a redirect with SSL?
- There are no data in a redirect that needs protection. There is nothing to encrypt in a redirect. So why encrypt "nothing"?
- Redirects are not listed in search engines, so users won't stumble upon an https:// link to click on there.
Since Let's Encrypt made SSL available for free, people are running crazy for encryption, even where it makes absolutely no sense at all to encrypt something.

For those who still want encryption on "nothing":
- Set the domain to webhosting (not redirect) with the "Hosting Settings" page.
- Create an .htaccess file in the document root directory of the domain with this content:
Code: 
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/.well-known/acme-challenge [NC]
RewriteRule .* - [L]
RewriteRule ^(.*)$ https://<target domain>/$1 [L,R=301]
 
We had a relatively small number of support requests in regards to this. Those that we did have came from quite dissatisfied customers, though. Most thought that their redirect isn't working and some of them believed that it hasn't been working for a long time.

The common issues were:

a) redirect owners or their visitors were manually entering a https address
b) site owners had a site before and later turned it into a redirect

In case of a)... well, it's a honest mistake and in case of visitors, the damage from thinking that the address doesn't exist might be real. It would simply be good practice to have this working these days, especially since certificates are basically free.

In case of b), when we're informed we set them up similarly as Peter described above. But when they do it themselves, they expect Plesk's redirect functionality to work with https out of the box. In general, these sites had encryption enabled and rightfully expect to have it working on the redirect because of the stale links and search engine entries.

It all boils down to the address itself. The encryption of the redirect isn't really needed, but customers rightfully expect the https address to work without issues.

I honestly think that Plesk should add this functionality ASAP and just be done with it.
 
You must log in or register to reply here.

Similar threads

R
Issue Problems Issuing a Let's Encrypt Certificate
Replies
6
Views
987
Robin McDermott
R
H
Resolved Problem with install Let's Encrypt SSL/TLS certificate
Replies
6
Views
2K
HungLuu
H
M
Resolved Lets Encrypt not issuing certs for subdomains
Replies
2
Views
1K
mendip_discovery
M
T
Issue SSL certificate renewal under cloudflare
Replies
0
Views
628
theplaza
T
S
Issue Let's Encrypt/SSL It! empty domain name error
Replies
8
Views
1K
SilentWarrior
S
Back
Top