Auto-renew with htaccess redirect on multidomain site


Background: I’ve got a multidomain Drupal site - the same folder serves, and, serving somewhat different content for each.
I can install a LE SAN cert from my host’s control panel - Cloudways/DigitalOcean - without issue, and it auto-renews without issue.
I use .htaccess to force http to https, again, without issue.

Problem: I now have an additional domain, which I’d like to redirect to If I set up 301 redirect in htaccess it mostly works:
RewriteCond %{HTTP_HOST}$
RewriteRule ^ http%{ENV:protossl}:// [R=301,L]

  • if I try to add to the LE SAN cert alongside domain1, domain2 and domain3, I can’t get my host’s control panel to create the cert; it fails because of the redirect and tells me to make sure my domains are properly pointed.
  • if I do NOT add to the SAN cert, redirects successfully to but if a user goes to, Chrome throws a certificate/security warning.

My host’s tech support tells me that it’s a known issue and that I can temporarily remove the redirect rule (temporarily serving content at, install the SAN cert through their control panel, then re-introduce the redirect rule.
BUT then the cert won’t auto-renew in 90 days, I need to manually repeat the process.

Question: Does anyone have an idea for a setup that allows to redirect to Either on its own cert or as part of the SAN cert beside the other domains?
One idea: is there a rule I could add to htaccess to force requests to, then redirect via 301 to, so I wouldn’t need a certificate for What would that look like?

Thanks! I’m a capable intermediate re: hosting/server/command line issues but a bit of a novice with certs.


I would expect that trying to exclude /.well-known/acme-challenge from the redirect would work. That is, redirect everything except requests to that resource.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.