Alias domain with force ssl issue

Discussion in 'ISPConfig 3 Priority Support' started by molahs, Jul 1, 2020.

  1. molahs

    molahs Member HowtoForge Supporter

    I have ispconfig running on nginx / ubuntu 18.04
    There are 6 websites on the server.
    5 are with a commercial ssl.
    one of the sites has an alias. The alias domain redirects to the main site and the url is showing the url of the mainsite.
    Yesterday on I placed a check on "Rewrite HTTP to HTTPS".
    Since then the is redirecting to another website ( on the server, which happens to be the first site on the list under Websites, but was not the first site to be installed on the server. It has an ID of 4 compared to the id of 2 for has under the redirect tab:
    (as you can see i had to uncheck the http to http rewrite because it breaks the alias domain).

    How can i fix this issue? What other information can i submit in order to help you guys help me resolve it.

  2. molahs

    molahs Member HowtoForge Supporter

    the alias setup is as below
  3. till

    till Super Moderator Staff Member ISPConfig Developer

    A redirect to the wrong website can happen when the target site has no ssl. In your case, it also might be because you added the redirect multiple times (once in the main site and once in the alias domain), this can confuse Nginx and lead to wrong redirections. The redirect that you added in the main site redirects all alias domains already to the main domain, so the redirect you added in the alias domain should not be set.
  4. molahs

    molahs Member HowtoForge Supporter

    Hi Till,
    I removed all redirections like below. The maindomainhas a valid SSL.
    when i go to the I now get the "your connection is not private" error. The message reads:
    This server could not prove that it is; its security certificate is from This may be caused by a misconfiguration or an attacker intercepting your connection.
    If i press "Proceed to (unsafe)" I get to the correct website

    When the does not have Rewrite HTTP to HTTPS everything is working correctly.

    This is how the settings are now


    Your input to resolve this is appreciated.
  5. Taleman

    Taleman Well-Known Member HowtoForge Supporter is not included in the certificate. It should be, since "Don't add to Let's Encrypt certificate" is not ticked. Maybe your rewrite rules are confusing here?
    Is www included in the certificate? Check this from let's encrypt log.
    Did you follow Let's Encrypt error FAQ?
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    When you assign an alias domain to an SSL website, then the SSL certificate of the main domain must include the alias domain, as both domains are part of the same vhost. When you use Let#s encrypt, then alias domains get added automatically to the cert of the main domain. When you buy an SSL cert, then this SSL cert must be a so-called multi-domain SSL cert which includes the main domain and the alias domain. If you have already bough a single domain ssl cert for the main domain and can't add the alias domain to it and if you can't switch to let's encrypt, then you can use this alternative setup:

    1) Remove the alias domain.
    2) Create a new website for the former aliasdomain, enable ssl and let#s encrypt for that site (or buy a cert for the alias domain and install it in that second site)
    3) Configure a redirect in that second site to the main site.
  7. molahs

    molahs Member HowtoForge Supporter

    Thanks for the advise. I was thinking to do it like that but wanted to make sure that I wasn't doing anything wrong on ispconfig.

Share This Page