Wow...here's an odd one. In preparation for a migration (with Marco's help) of an entire server, I was reassigning the few web sites with static IP addresses (that they were using for SSL). Since we now can user Server Name Indication, I've stopped using dedicated IP's for SSL. So the setup is this...site was allocated (and bound) and IP address using WSP/SolidCP. However, the SSL binding was done manually in IIS (due to issues with the old WSP not correctly handling this), so SolidCP (I migrated to latest version) does not manage the certificate.
So...I use the button in the web site property sheet to "Switch to Shared IP" ...and that works fine. However, it *deletes* the certificate...completely. What a shocker that was! I have a script that runs to backup the certs to PFX files (just a oneline powershell), but I was missing one certificate, and sure enough, it wiped it out.
I didn't actually believe it at first, but after ensuring that I had backups of all remaining certs, I tried it again, switched the site to Shared IP, and like clockwork, it wipes out the certificate completely. I cannot believe this could be by design and must be some sort of oversight.
In any case, I'm reporting it here. To swap to Shared IP, be sure you backup your certs first!...you will have to import the deleted cert from pfx backup file after you swap to Shared...I've repeated it 16 times tonight...does it every time.
Hi,
I can have confirmed this bug and logged it to the tracker here: https://git.key4ce.com/SolidCP/v1.0/issues/139
Kind Regards,
Trevor Robinson
Wow, thank you!.
Also...along the same lines...if you delete the certificate, it also deletes all your website pointers...maybe its just deleing the whole binding stack? In any case, for sure, that happens, they all go if you delete a certificate. Thanks!
Hello,
Thank you for the extra information. I think we do need to a a real overhaul of SSL as many aspects don't appear to be working correctly.
I cannot guarantee at the moment when this will be completed as it would require alot of time for this to be completed by a developer.
Kind Regards,
Trevor Robinson