Home / server / Questions / 1032164
Accepted
uncovery
Asked: 2020-09-01 05:57:57 +0800 CST

Configuring www.domain.com and domain.com with zonefile or letsencrypt to always forward to domain.com

  • 772

I have a example that should always result in https://example.com, even when the user is entering www.example.com, https or not. Ideally, the automated letsencrypt config https config file should work.

  • I have tried to remove the A-record for www and use a CNAME instead to point to example.com or @. This does not seem to have any effect and users still end up on www. I have no idea why.

This is my current config:

<VirtualHost [IPV6]:80 IPV4:80>
    ServerAdmin [email protected]
    DocumentRoot /home/example/public_html
    ServerName example.com
    ServerAlias www.example.com
    ErrorLog logs/example.error.log
    CustomLog logs/example.acccess.log common
    <Directory /home/example/public_html>
        Options FollowSymLinks
        AllowOverride All
    </Directory>
    RewriteEngine on 
    RewriteCond %{SERVER_NAME} =example.com [OR] 
    RewriteCond %{SERVER_NAME} =www.example.com 
    RewriteRule ^ https://example.com%{REQUEST_URI} [END,NE,R=permanent] 
</VirtualHost>

<VirtualHost [IPV6]:443 IPV4:443>
    ServerAdmin [email protected]
    DocumentRoot /home/example/public_html
    ServerName example.com
    ServerAlias www.example.com
    ErrorLog logs/example.error.log
    CustomLog logs/example.acccess.log common
    <Directory /home/example/public_html>
        Options FollowSymLinks
        AllowOverride All
    </Directory>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem
</VirtualHost>

Then however, https://www.example.com throws a bad certificate, even if I add this to the :443 config:

    RewriteCond %{SERVER_NAME} =www.example.com 
    RewriteRule ^ https://example.com%{REQUEST_URI} [END,NE,R=permanent]

How can I redirect http AND https requests to www.example.com to https://example.com?

cname-record mod-rewrite apache-2.4 rewritecond

1 Answers

  1. Best Answer

    Clients arrive to https://www.example.com so even if you make a redirect to https://example.com you need two SSL certificates (one for example.com and the other for www.example.com) or a single SSL certificate valid for both domains.

    If you are using certbot to issue Let's Encrypt certificates you can use multiple -d parameters to specify multiple domains, so for example:

    certbot certonly --webroot -w /var/www/example -d www.example.com -d example.com
    • 1