-2

Nothing insidious going on but I've got a bunch of domains that we've bought for a service and I don't want to buy an SSL certificate for them all (there's about 11).

As an example, we've got:

example.com
thisisexample.com
ourexample.com
theexample.com

I have an SSL certificate for example.com and it is the main domain we're going to use. To protect our IP we've bought up a lot of similar domains and we're redirecting them all to example.com.

I've setup some redirects already and they're working fine on HTTP/80, both www and non-www.

However, accessing any of the domains on HTTPS/443 shows the privacy error.

Is there any way around this without having to buy lots of certificates? Can I not redirect https for one domain to another and allow that to terminate SSL?

EDIT:

My question is relating to Nginx, not Apache2.

MattBoothDev
  • 115
  • 7

2 Answers2

1

Is there any way around this without having to buy lots of certificates? Can I not redirect https for one domain to another and allow that to terminate SSL?

No.

Also, please search ServerFault and StackOverflow archives etc., this question was discussed multiple times in the past.

gxx
  • 5,483
  • 2
  • 21
  • 42
  • What an insightful answer. – MattBoothDev Aug 15 '17 at 12:17
  • 1
    I've added an link to your question (see the comments). One doesn't has to add the same answers over and over again, instead, *you* should do your homework and do some research, first. – gxx Aug 15 '17 at 12:18
  • Your answer was short and uninsightful. As far as my reading of the rules of the site goes, that is against the grain. I will accept my own answer in a couple of days. I can use LE to generate SSL's for my other domains and this avoids having to buy extra certificates. – MattBoothDev Aug 15 '17 at 12:27
  • I also had done research first. Other questions were looking like people were up to no good. – MattBoothDev Aug 15 '17 at 12:30
  • Welcome to Serverfault, Kryten2k35! gf_ has been here for a while to know how to answer. The only problem I can see with this is that it's more like a comment than an answer. On the other hand, this topic has lots of quality answers. Before lecturing about "the rules" (it's more like guidance) one should read them; to be more specific, the one about [duplicates](https://serverfault.com/help/duplicates). – Esa Jokinen Aug 15 '17 at 12:35
  • @EsaJokinen the unedited answer was "No", which wasn't very helpful or insightful. I searched beforehand which is what brought me here. Other questions were not related to Nginx or people owning a bunch of domains and wanting to consolidate them at a single point. I'm familiar with the Stack system and have a profile on several of the other sites. I've reported this because it was rude and unhelpful. Mistakes happen but being intentionally rude isn't a mistake. That's my gripe here. – MattBoothDev Aug 15 '17 at 12:47
  • 1
    Ok. The answer was modified immediately, so there's no modify history of that. You are correct that there's no reason to be rude. We are here to help and guide. And... we cannot say who voted your answer down. However, I can repeal it with my vote. – Esa Jokinen Aug 15 '17 at 13:08
  • I don't see my answer as "rude", I'm here to help as well. Besides: This question is not really specific to Apache or Nginx, it's just a general question regarding the workings of HTTPS. – gxx Aug 15 '17 at 14:10
  • Pretty sure you know that a single word answer in the negative isn't very helpful and is easily construed as rude. Also if it's a general question on HTTPS, then it isn't a duplicate? – MattBoothDev Aug 16 '17 at 09:00
  • No, I don't think so. "No" was the answer to the last part of your question. It's not possible to redirect HTTPS without terminating it first. If you would have done research first, you would have found all the questions dealing with exactly this question. It's irrelevant if this is about PHP, Apache, Nginx, whatever, because the common point in all these questions is your as well: "How to redirect HTTPS without terminating it first". Anyway, I think it's better to end this discussion now, everything said, and you know how to proceed. Good luck! – gxx Aug 16 '17 at 09:05
0

Turns out I can avoid buying lots of SSL certificates via using LetsEncrypt for the domains I want to 301 redirect.

MattBoothDev
  • 115
  • 7