From bd2a4ea5ebabfeec04769f4ca552d98013a30a38 Mon Sep 17 00:00:00 2001 From: Riddhesh Sanghvi Date: Tue, 30 Jun 2026 15:49:23 +0530 Subject: [PATCH] fix(migration): don't reclassify custom ssl sites as letsencrypt --- ...7101545_site-command_fix_ssl_flag_for_existing_le_certs.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/migrations/db/20250927101545_site-command_fix_ssl_flag_for_existing_le_certs.php b/migrations/db/20250927101545_site-command_fix_ssl_flag_for_existing_le_certs.php index 99c1bcfd..4a599357 100644 --- a/migrations/db/20250927101545_site-command_fix_ssl_flag_for_existing_le_certs.php +++ b/migrations/db/20250927101545_site-command_fix_ssl_flag_for_existing_le_certs.php @@ -51,7 +51,8 @@ public function up() { } if ( $crt_exists && $key_exists && $chain_exists ) { - if ( empty( $db_ssl ) || $db_ssl !== 'le' ) { + // Only repair sites with an unset SSL flag; never override an explicit custom/self/inherit (or le) choice. + if ( empty( $db_ssl ) ) { // Check if the cert is a valid Let's Encrypt cert using CertificateParser try { $crt_pem = file_get_contents( $crt );