1

I have enabled SSL for my https://example.com and that works fine, but if somone try's to enter https://www.example.com I get the message: Your connection is not secure.

Is there a way to redirect all WWW to non-http before checking the SSLcertificate? or does this need to be done on the domain dns settings?

Kerolos William
  • 305
  • 1
  • 13
sdfgg45
  • 175
  • 1
  • 1
  • 5
  • Ah, thanks. I was sure there must be a duplicate candidate, but I couldn't find one. – Gerald Schneider Jan 30 '19 at 14:18
  • @JennyD I think we have had many more questions about forwarding from an SSL domain without having a certificate for the domain. I am not sure the one you found is the best such question. But it's not like it is easy to search for possible duplicates. – kasperd Jan 30 '19 at 14:59
  • 1
    @kasperd There are indeed multiple such questions. Maybe it's time for a new canonical... – Jenny D Jan 31 '19 at 16:18

2 Answers2

6

You need either a second certificate for the subdomain, or one certificate that is valid for both. There is no way around it. The redirect happens after the SSL connection is established, so you need a working certificate for a working redirect.

With certbot you can create such a certificate by providing the -d parameter multiple times:

certbot-auto -d example.com -d www.example.com
Gerald Schneider
  • 19,757
  • 8
  • 52
  • 79
-2

you can make all the WWW requests redirect to https://example.com

so in the virtual host for port 80 you set the serverName with example.com and the serverAlias to www.example.com and then redirect to https://example.com which has the valid certificates

or if you want to run WWW over https you can do as Gerald said and generate certificate for both domain and it's sub domain

Kerolos William
  • 305
  • 1
  • 13