Alias wildcard and www not being created

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: vistaims.website (alias donutzonastick.net)

Plesk - Let’s Encrypt Version: 2.8.7-602

I am on Plesk trying to get a wordpress multisite to use https for www.donutzonastick.net. In the chrome browser this uses my .htaccess redirect from www to non-www. But on the rest of the browsers it does not take this into account. When I created the SSL with the Let’s Encrypt extension I checked the www for domain and subdomains as well as the wildcard option. I put the alias in the selected domains and hit create. The SSL as I said works with the simple donutzonastick.net for all browsers, but only chrome will allow the www to be redirected before the security alert is shown. I was hoping that there was a way to get, as the feature says the www of the alias in the SSL.

1 Like

Hi @clew24,

The reason for the different behavior that you’re seeing is that Chrome treats certificates for example.com as also valid for www.example.com, even if they don’t mention the www subdomain in the certificate. That’s not a part of the traditional standards for how certificates work, and other browsers currently don’t have the same behavior.

What I’m seeing is that your created certificate does not mention www.donutzonastick.net, it only mentions donutzonastick.net without the www subdomain. As I said, Chrome is OK with that but other browsers aren’t. (The .htaccess redirect isn’t directly part of the difference in the behavior.)

Could you revisit the creation process to make sure that the www is properly included? The tricky thing here is that you did have a slightly earlier certificate that properly includes all the names

https://crt.sh/?id=2630377711

yet your newest certificate doesn’t:

https://crt.sh/?id=2630082400

So it seems like this is some kind of issue about your Plesk configuration process.

2 Likes