Shared SSL cert deleted from {hosting_ssl_cert}

I think this is actually an issue in the Hosting SSL module.

Seems to be something wrong with this query in hosting_ssl_clean_keys($node) of hosting_ssl.nodeapi.inc:

  // Check if there are still sites using this site's certificate.
  if (!db_query("SELECT * FROM {hosting_ssl_site} siteA
                   INNER JOIN {hosting_ssl_site} siteB ON siteA.ssl_key = siteB.ssl_key
                   INNER JOIN {hosting_site} s ON s.nid = siteA.nid
                     WHERE siteA.nid <> siteB.nid
                       AND siteA.ssl_enabled = :siteA_ssl_enabled
                       AND s.status <> :s_status
                       AND siteB.nid = :siteB_nid;",
                 array(
                   ':siteA_ssl_enabled' => 1,
                   ':s_status' => HOSTING_SITE_DELETED,
                   ':siteB_nid' => $node->nid,
                 ))->fetchField()) {

OK - here's the issue in my case:

In {hosting_ssl_site}, all of the SSL-enabled sites that I'm running have a "2" in their "ssl_enabled" column. That's because my SSL certificate has an ID of "2" in the {hosting_ssl_cert} table.

But in the query, it's filtering out any rows that don't have "ssl_enabled = 1" - which is all my sites.

So it seems that the issue is on line 427:

                   ':siteA_ssl_enabled' => 1,

That should be using the certificate ID of the site being deleted... not a hard-coded "1". Right?

Hmm... oh wait... I'm also seeing now that there is an "ssl_key" column in the {hosting_ssl_site} table - which is also set to "2" in all my SSL sites.

So why would all my sites have "ssl_enabled" set to 2, instead of 1? I guess that's the real question...

Ah ha! Of course...

It's because all my sites have SSL set to "Required" - which corresponds to an "ssl_enabled" status of "2"!

So we just need to fix that query so that it includes sites with EITHER an "ssl_enabled" of "1" OR "2"...

Patch attached!