Jump to content

Leaderboard


Popular Content

Showing content with the highest reputation since 04/27/19 in Reports

  1. 1 point
    Unraid 6.7.0 Server name is Server-2, local TLD is set to "home.insanegenius.net". Static IP, DNS entry for server-2.home.insanegenius.net. I am using my own wildcard certificate for *.home.insanegenius.net. CN = *.home.insanegenius.net OU = PositiveSSL Wildcard OU = Domain Control Validated I copy my PEM file to config/ssl/certs/certficate_bundle.pem This server is called server-2.home.insanegenius.net. When I access https://server-2.home.insanegenius.net all is well, and it uses the *.home.insanegenius.net certificate as expected. When I access http://server-2.home.insanegenius.net, I get a 302 redirect, and the browser tries to open https://%2A.home.insanegenius.net/. I use Google Chrome developer tools, and I can see the 302 redirect as follows: Request: Request URL: http://server-2.home.insanegenius.net/ Request Method: GET Status Code: 302 Moved Temporarily Remote Address: 192.168.1.36:80 Referrer Policy: no-referrer-when-downgrade Response: Connection: keep-alive Content-Length: 154 Content-Type: text/html Date: Thu, 16 May 2019 15:56:28 GMT Location: https://*.home.insanegenius.net:443/ Server: nginx Nginx incorrectly returns an invalid URI, "https://*.insanegenius.net:443" instead of the correct "https://server-2.home.insanegenius.net". When I look in the Nginx emhttp-servers.conf file, I can see that whatever code created this config, created an invalid 302 redirect value. server { # # Redirect http requests to https # listen *:80 default_server; listen [::]:80 default_server; return 302 https://*.home.insanegenius.net:443$request_uri; } It looks like the logic incorrectly uses the SSL cert CN instead of the server FQDN. The logic should be fixed, or can be avoided by using something generic like "return 302 https://$host$request_uri;"