redirect from https:// to https://www

Question

Given is my .htaccess rules set.

I am able to redirect

http://example.com to https://www.example.com
http://www.example.com to https://www.example.com

But https://example.com is not redirecting to https://www.example.com

Giving This Connection is Untrusted error on Firefox

@Tobias K. google.com Subject Alt Name is

Not Critical
DNS Name: www.google.com

But still it redirect from https://google.com to https:www.google.com

.htaccess

Options -Indexes
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule (.*) https://www.example.com%{REQUEST_URI} [R=301,L]

RewriteCond %{REQUEST_URI} .html$
RewriteRule ^(.*).html$ /$1.php [R=301,L]

</IfModule>

I am using vhost configuration on apache 2.2.34 (AWS linux)

Given is my vhost config
vhost.conf

<VirtualHost *:80>

  ServerName example.com

  ServerAlias www.example.com example.com

  DocumentRoot /var/www/vhosts/example.com

  ServerAdmin itsupport@example.com

  ErrorLog /var/www/vhosts/logs/example.com/error_log

  <Directory /var/www/vhosts/example.com>
    AllowOverride All
  </Directory>

</VirtualHost>

ssl.conf

<VirtualHost *:443>
    DocumentRoot /var/www/vhosts/example.com
    ServerName example.com
    ServerAlias www.example.com example.com
    SSLEngine on
    SSLCertificateFile /home/ec2-user/new_cert/www_parentcompany_com.crt
    SSLCertificateKeyFile /home/ec2-user/www_parentcompany_com.key
    SSLCertificateChainFile /home/ec2-user/new_cert/DigiCertCA.crt
    <Directory /var/www/vhosts/example.com>
            AllowOverride All
    </Directory>
</VirtualHost>

Please let me know if I have missed something.

Tried given solution but no luck.
htaccess redirect to "https://www."
htaccess redirect to https://www

Thanks.

Your certificate is probably only valid on `www.example.com`. So you get the warning when you try to serve a site (or just a redirect) on `example.com` with it. If you can re-issue the cert, include both names as `subjectAltName`s. — Tobias K., Aug 25 '18 at 11:37
This has already been explained - in more depth that I could above - here: https://stackoverflow.com/a/10931004/7362396 — Tobias K., Aug 25 '18 at 11:42
@TobiasK. **google.com** `Subject Alt Name` is Not Critical DNS Name: www.google.com But still it redirect from `https://google.com` to `https:www.google.com` — Anon30, Aug 27 '18 at 09:58
I understand that your main domain is with *www*. You still need a valid certificate for the non-*www* variant if you want to avoid the "untrusted"-error on the redirect. Like described in my linked answer or @Ufuk Tan answer. — Tobias K., Aug 27 '18 at 17:54
Is this problem solved? If it's not, is the `https://www.example.com` accessible? — ufukty, Aug 29 '18 at 06:10
Problem not solved. Yes, `https://www.example.com` is accessible as mentioned in original question. — Anon30, Aug 29 '18 at 07:12
If you can share vhost config for SSL `(*:443)`, I can understand the problem better. — ufukty, Aug 29 '18 at 08:23
@UfukTan we dont have `(*:443)` listing in vhost.conf. I have updated question with ssl.conf entries — Anon30, Sep 05 '18 at 08:26
This is what i asking for. Now i don't see nothing wrong with your apache configuration. If SSL certificate doesn't valid for non-www domain, problem probably is this. By the way, some CA's cover the SSL for non-www, some not. Google probably have wildcard certificate which is valid for *.google.com and google.com. If you want to try apache config, I'll update my answer. But i think the problem is most likely SSL certificate. — ufukty, Sep 05 '18 at 15:29

ufukty · Answer 1 · 2018-09-05T15:37:25.420

This problem might be occurred by two reasons:

1. From SSL cerficate:

Since you said:

Giving This Connection is Untrusted error on Firefox

Some CA's automatically add example.com version with www.example.com, some not. Make sure your SSL certificate valid for both www.example.com and example.com

You can check your certificate with this command:

openssl s_client -connect example.com:443 | openssl x509 -noout -text

You can see google has *.google.com and google.com

2. From Apache virtual hosts:

According to this...

I am able to redirect

http://example.com to https://www.example.com

http://www.example.com to https://www.example.com

...and this...

But https://example.com is not redirecting to https://www.example.com

...I'm thinking, you accomplished the configuration for http successfully, since both

are redirecting to https://www.example.com.

But redirecting from https://example.com to https://www.example.com must be specified at htps (:443) virtual host configuration. Those rules cannot be determined by http (:80) virtual host config file.

For achieve this problem you have to add those rewrite rule to ssl.conf file:

RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ https://www.example.com%{REQUEST_URI} [L,NE,R=permanent]

So, it could be like this:

<VirtualHost *:443>
    DocumentRoot /var/www/vhosts/example.com
    ServerName example.com
    ServerAlias www.example.com example.com

    RewriteEngine on
    RewriteCond %{HTTP_HOST} !^www\. [NC]
    RewriteRule ^ https://www.example.com%{REQUEST_URI} [L,NE,R=permanent]

    SSLEngine on
    SSLCertificateFile /home/ec2-user/new_cert/www_parentcompany_com.crt
    SSLCertificateKeyFile /home/ec2-user/www_parentcompany_com.key
    SSLCertificateChainFile /home/ec2-user/new_cert/DigiCertCA.crt
    <Directory /var/www/vhosts/example.com>
        AllowOverride All
    </Directory>
</VirtualHost>

redirect from https:// to https://www

1 Answers1

1. From SSL cerficate:

2. From Apache virtual hosts: