How to stop specific sites from redirecting to HTTPS:// [#1782236]

Hi,

I have an octopus instance which has SSL and nginx SSL enabled as there is a chance that the client may want an e-commerce site at somepoint in the future. Unfortuneatly this seems to mean that all sites on the platform are available via http:// and https:// and the server / domain is setup with self-signed certs at the moment so it causes a big warning to appear when navigating to the site using https://.

The client does not want SSL for this specific site so is there any way to stop the server from serving the https:// requests or redirecting them back to a non-secure connection? This only came to light because they received a message from their webmaster account that the site is reachable as a secure connection using an untrusted certificate.

I guess I could disable SSL completely for the octopus instance but that would mean I would need to use a separate instance for the ecommerce sites as and when they want them.

TIA,

JamieT

Comments

Comment #1

omega8cc CreditAttribution: omega8cc commented 13 September 2012 at 10:58

You would need to add an extra IP with local HTTP-only proxy and change this domain DNS A record to point it to this extra IP. This will get it out of the reach of the default SSL proxy with self-signed cert.

Comment #2

omega8cc CreditAttribution: omega8cc commented 13 September 2012 at 11:00

Also, we don't support or recommend the Aegir built-in SSL features (yet).

Comment #3

jamiet CreditAttribution: jamiet commented 9 October 2012 at 13:55

Thanks for the update (sorry for the delay in responding my email notifications on d.o were not set correctly). I'll take a look at your suggestion.

Out of interest your comment about BOA not supporting Aegir native SSL - does this mean the BOA SSL magic is there by default on all octopus instances and there is no need to enable the SSL/nginx SSL support features under hosting->features within the Aegir control panel?

TIA,

JamieT