Univention Bugzilla – Bug 56947
apache2/hsts setting is not used in univention-letsencrypt.conf
Last modified: 2024-01-02 14:49:53 CET
Created attachment 11169 [details] /etc/univention/templates/files/etc/apache2/sites-available/univention-letsencrypt.conf.patch +++ This bug was initially created as a clone of Bug #49844 +++ /etc/univention/templates/files/etc/apache2/sites-available/univention-letsencrypt.conf creates separate virtual hosts for each domain in letsencrypt/domains. However it doesn't create Apache configuration for HSTS as /etc/univention/templates/files/etc/apache2/sites-available/ssl.d/10hsts does it for the default SSL virtual host. So HSTS is in fact not activated anymore. Proposed fix: /etc/univention/templates/files/etc/apache2/sites-available/univention-letsencrypt.conf should include the code from /etc/univention/templates/files/etc/apache2/sites-available/ssl.d/10hsts. Please find attached patch for proposed fix. Patch is adapted - from the one provided in Bug #49844 - for UCS 5 as function run_filter now returns bytes.