Forwarded to devs individual domain can't use HTTPS for webmail if webmail.forceHttp=true

[enduser]

Username:

TITLE

individual domain can't use HTTPS for webmail if webmail.forceHttp=true

PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

Plesk Obsidian 18.0.48
CentOS 7

PROBLEM DESCRIPTION

Since Plesk for Windows auto redirect webmail HTTP to HTTPS by default even no SSL is installed, so we use webmail.forceHttp=true to disable such redirect.

However, if one domain customer install and set SSL for their webmail, the webmail is still HTTP. It seems that it won't update IIS when webmail.forceHttp=true .

We don't want auto redirect HTTP to HTTPS because webmail with HTTPS always shows invalid SSL error until customer install valid SSL. However using webmail.forceHttp=true that prevent any customer who want to use valid SSL for their webmail.

STEPS TO REPRODUCE

1. Fresh install Plesk for Windows
2. add webmail.forceHttp=true in panel.ini
3. create a subscription
4. in the subscription, install SSL & apply it to "SSL/TLS certificate for webmail"
5. IIS > MailEnable WebMail > Bindings > it is still http but not https

ACTUAL RESULT

IIS bindings is still http but not https

EXPECTED RESULT

IIS bindings is https

Alternatively, referring to ChristophRo in the discussion, Plesk may abandon "webmail.forceHttp=true" and un-bundle the automatic http --> https redirect for webmail

ANY ADDITIONAL INFORMATION

Issue - individual domain can't use HTTPS for webmail if webmail.forceHttp=true

YOUR EXPECTATIONS FROM PLESK SERVICE TEAM

Confirm bug

 

[IgorG]

Actually, this is expected behaviour. Forcing is forcing. There are no exclusions.

We would suggest either managing redirects manually or creating the corresponding feature request on Plesk UserVoice.

Note: Nowadays, it is highly recommended to use secured connections. That's why force redirection to HTTPS was implemented. Moreover, Plesk provides the possibility to issue free Let's Encrypt certificates so all domains might be secured.