0

There are a lot of subdomains hosted on our platform the following way:

server {
  listen          443 ssl;
  server_name     *.company.com;
//...
}

Unfortunately this matches requests with www.something.company.com but the SSL key does not support this and I would like to redirect requests starting with www. to the rest of the request eg: something.company.com.

What is the best way of doing that?

I was trying using the following that did not work:

  server_name     *.company.com;
  if ($host ~* ^www\.(.*\.company\.com)$) {
    return 301 $scheme://$1;
  }
Istvan
  • 7,500
  • 9
  • 59
  • 109
  • 1
    It is quite easy to configure `nginx` to [lose the `www.` prefix from a URL](http://stackoverflow.com/questions/7947030/nginx-no-www-to-www-and-www-to-no-www), but if your SSL certificate is not valid for the www domain, the clients will not connect in the first place. It is really only useful when you have a wild-card certificate (in which case you probably would not be asking this question) – Richard Smith Jul 23 '16 at 11:17

1 Answers1

0

You can't do that with a redirect: the ssl/tls connection is before the http request and 301 redirect answer. But you only have a *.company.com certificate, it's only valid for one level ( a.compaby.com ) not 2 or more ( a.b.company.com , or www.a.company.com ).

The only solution is to explicitly list all the domains in your certificate.

Tom
  • 4,666
  • 2
  • 29
  • 48