Symptoms
When accessing the service subdomain such as webmail, the webmail subdomain does not redirect to HTTPS due to an alternative webserver running such as Nginx.
Description
After verifying that an SSL has been installed through
- Home »
- SSL/TLS »
- Manage SSL Hosts
The webmail service subdomain does not direct to HTTPS. Using the command-line tool curl, we can verify if this redirects as well.
$ curl -ilv webmail.domain.com
* Trying 18.17.16.15...
* TCP_NODELAY set
* Connected to webmail.domain.com (18.17.16.15) port 80 (#0)
> GET / HTTP/1.1
> Host: webmail.domain.com
> User-Agent: curl/7.64.1
> Accept: */*
>
< HTTP/1.1 200 OK
HTTP/1.1 200 OK
< Server: nginx
Server: nginx
Since there is no 301, this means there was no redirect and we stay connected to port 80, non-https.
Workaround
In this case, due to a 3rd party Nginx web server installed, we need to disable this and revert to apache. Typically this is done by removing the package from the provider with yum. As an example, if this was installed through yum, you can use the following to find and remove the package.
rpm -qa |grep -i nginx
yum remove <nginx-package>
If no RPM is present, you will want to consult the documentation for your 3rd party installation.