Once https has been enabled for an app, is it possible to remove it? Or is this only possible by deleting the app and adding it again?
drmrbrewer
All 4 comments
It's only possible with removing and adding it again. If not zero, there is little value to adding a disable HTTPS functionality. If you don't need HTTPS, don't use it. If you really don't want any HTTPS connections, you can edit the default nginx configuration for any particular app and comment out the section that is responsible for HTTPS connection:
listen 443 ssl;
ssl_certificate <%-s.crtPath%>;
ssl_certificate_key <%-s.keyPath%>;
githubsaturn
on 22 Sep 2018
Like with any configuration or setting, it's possible to change your mind, or for you to set something wrong to start with. I enabled https on an app and now realise there is probably no reason for it, since requests to the app concerned have no need for any security, and presumably https adds a little extra work. It would just be nice to have the option of switching it off.
If "just don't enable it in the first place" applies, then why is there a button for turning off NetData?
It's not a big deal to delete the app and start again (unless it has a complicated setup), but I question why it's not made easier just to disable https with a button.
drmrbrewer
on 22 Sep 2018
If "just don't enable it in the first place" applies, then why is there a button for turning off NetData?
The reason is that NetData is a separate process that takes "RAM", "CPU" and "Disk IO". Turning it on and off actually makes an effect on your server's performance. Also it can "potentially" misbehave and take your server's down. It can have two much read and write, it can have a memory leak that causes OutOfMemoryExceptions. It can take up too much CPU. It has access to Docker and might mistakenly take down your containers.
Enabling HTTPS, on the other hand, is a one-off operation. Once it's enabled, if it's not used, it does not use any additional server resources. It's basically a free dormant asset. During enabling HTTPS, server's resources are being used and more importantly, it's a process that can fail during initialization due to a variety of reasons. If it wasn't for this, I would have made HTTPS to automatically get enabled during creation of the app. HTTPS is the new default.
githubsaturn
on 22 Sep 2018
I'd like to +1 this request.
At least it would be nice to have the ability to disable Let's Encrypt renewal for an enabled domain, so we wouldn't have to renew certificates that are never going to be used. It's wasteful.
khromov
on 1 Jan 2020
Related issues
Yub0
路
3Comments
PolMrt
路
5Comments
ZaninAndrea
路
3Comments
Kimkykie
路
5Comments
professphysics
路
3Comments
Most helpful comment
I'd like to +1 this request.
At least it would be nice to have the ability to disable Let's Encrypt renewal for an enabled domain, so we wouldn't have to renew certificates that are never going to be used. It's wasteful.