Skip to content

Configure http->https redirect only if apache2/force_https isn't enabled#3

Open
palstek wants to merge 1 commit intounivention:mainfrom
palstek:fix_letsencrypt_well-known
Open

Configure http->https redirect only if apache2/force_https isn't enabled#3
palstek wants to merge 1 commit intounivention:mainfrom
palstek:fix_letsencrypt_well-known

Conversation

@palstek
Copy link

@palstek palstek commented Feb 7, 2026

Otherwise use the global redirect, which will properly exclude .well-known/acme-challenge subdirectory for Letsencrypt. Otherwise Letsencrypt certificate refresh fails for ucs-sso-ng subdomain, because .well-known isn't accessible via plain http.

This change feels more appropriate to me, than excluding .well-known from permanent redirect in this config file.

@palstek
Configure http->https redirect if apache2/force_https isn't enabled
d0b08cf 
Otherwise use the global redirect, which will properly exclude
.well-known/acme-challenge subdirectory for Letsencrypt.
Otherwise Letsencrypt certificate refresh fails for ucs-sso-ng subdomain,
because .well-known isn't accessible via plain http.

This change feels more appropriate to me, than excluding .well-known
from permanent redirect in this config file.

Signed-off-by: Daniel Krueger <palstek@users.noreply.github.com>
@CLAassistant
Copy link

CLAassistant commented Feb 7, 2026
edited
Loading

CLA assistant check
All committers have signed the CLA.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@palstek @CLAassistant