On my local aegir 2.0~rc5.1 (updated from 1.10), I enabled encryption on a website. It created an SSL certificate and assigned the IP 127.0.0.1. Then I disabled encryption on the site. I even deleted the site. I still see a certificate using the IP 127.0.0.1 at "node/2/ssl" (Certificates installed on server X).

And because of that, I cannot activate SSL on another website because it says "Unable to allocate IP address for certificate, disabling SSL. Allocate more IP addresses to this server then try to enable SSL again."

I've found a similar question on http://community.aegirproject.org/discuss/how-delete-unused-ssl-certificate

Comments

anarcat’s picture

Category: Support request » Bug report

Sounds like a bug - the IP should be freed if no site is using the SSL certificate anymore, both in the frontend and backend.

anarcat’s picture

Status: Active » Closed (cannot reproduce)

I have tried to reproduce this on the current git 2.x branch, and I couldn't. I did the following:

drush hostmaster-install aegir.orangeseeds.org
  1. enable SSL in the modules
  2. enable SSL on the server
  3. run all tasks
  4. create a site test0.orangeseeds.org with SSL enabled
  5. run all tasks
  6. disable SSL on test0
  7. run all tasks
  8. visit http://aegir.orangeseeds.org/node/2/ssl - no certificate is listed
  9. enable SSL on test0 with a new certificate - no error

So I am not sure how to reproduce this.

anarcat’s picture

Status: Closed (cannot reproduce) » Fixed

Sorry, I was confused: rc5 *is* affected by this, a fix was committed in commit 9121600 which is not part of RC5, which is why I can't reproduce on the current 2.x branch.

So yay, fixed. :)

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.