Univention Bugzilla – Bug 49286
Let's encrypt certificate for UCS-SSO
Last modified: 2020-08-13 15:26:53 CEST
I use version 4.4-0 errata47 I installed a full server and connected with office 365 with APP for Office365. Then I discovered that outlook requires a valid certificate to lets the people login. I decide to install lets encrypt configure it with the 2 domains and require the certificate. One of this domain is UCS-SSO.my-domain.net. I get finally 2 valid certificates and I can see them in my browser, and they are valid. Now I have this problem: the HTTPS link of the ucs-sso is not working anymore. And we get this trace back Not Found The requested URL https://ucs-sso.mydomain.net/saml-bin/php-cgi/simplesamlphp/saml2/idp/SSOService.php was not found on this server. But I noticed that when I visit the same URL without HTTPS then it works. I think that this is a Bug of configuration in VHOST generated from Let's encrypt for UCS-SSO domain. I have been tipped for this in community forum. (https://help.univention.com/t/letsencrypt-after-installation-https-ucs-sso-is-not-working-anymore/11803) Thanks for your work. Alessandro
Thanks for your report. As you observed, managing certificates for the single sign-on subdomain with our Lets Encrypt app is currently not supported. I will mark this issue as a feature request. As a workaround, you can configure the single sign-on feature to a single server solution, see https://help.univention.com/t/6681. If you have configuration questions please ask in our forum, https://help.univention.com