Issue [PPPM-5861] Users can use SSL although SSL is disabled in hosting plan

[Bitpalast]

PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE
12.5.30, latest MU, CentOS 7.2, 64-Bit

PROBLEM DESCRIPTION
A hosting plan has "SSL" unchecked (disabled). Yet users who have subscriptions based on that plan can click "hosting settings" and activate SSL. They can even install a Let's Encrypt certificate on that subscription. As such a subscription as in our case disallows some other features, the Let's Encrypt certificate installation causes trouble on cert renewals. Another major problem with this is that SSL is normally an option for hosting plans of higher contract value. When every customer can use SSL, there is possibility to upsell a product based on an SSL option.

STEPS TO REPRODUCE
Enable the Let's Encrypt extension. Create a hosting plan and uncheck "SSL" in the hosting permissions. Then create a subscription based on that plan. Afterwards create an SSL certificate.

ACTUAL RESULT
SSL has been activated and a certificate has been installed.

EXPECTED RESULT
SSL should be denied, because the hosting plan prescribes that this option is disabled.

 

[IgorG]

Thank you. Forwarded to developers for investigation this behaviour.

 

[IgorG]

Well. Bug was confirmed and submitted as PPPM-5861.