How to create certificate for https:// redirect to https://www

Hello

My server is Windows server 2012 R2, IIS 8.5

I want to redirect http:// to http://www - this works

Also want to redirect https:// to https://www - this doesn’t work because of SSL error

Here my configs

www binding working fine

http://www.monstermmorpg.com

or

https://www.monstermmorpg.com

http:// to http//www redirect binding and redirect

http://monstermmorpg.com redirects to http://www.monstermmorpg.com

http%20redirect

Now the my problematic part comes

I need your help here

Here how i composed https:// redirect to https://www.

https://monstermmorpg.com to https://www.monstermmorpg.com

However this redirect fails due to SSL mismatch error

How did i compose my SSL certificates?

I have used latest release here

Run as administrator in a static folder

Select N
Select 1
Select all monstermmorpg domains 1 by 1 with repetitive new certificate composition

So where is the error?

Thank you very much for your answers

The SSL error of https://monstermmorpg.com like below

Hi @MonsterMMORPG

checking your certificates you have some new certificates ( https://check-your-website.server-daten.de/?q=monstermmorpg.com#ct-logs ):

CertSpotter-Id Issuer not before not after Domain names LE-Duplicate next LE
985681314 CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US 2019-06-25 11:00:05 2019-09-23 11:00:05 www.monstermmorpg.com - 1 entries duplicate nr. 1
985682622 CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US 2019-06-25 10:59:48 2019-09-23 10:59:48 static.monstermmorpg.com - 1 entries duplicate nr. 1
985679267 CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US 2019-06-25 10:58:05 2019-09-23 10:58:05 monstermmorpg.com - 1 entries duplicate nr. 1
985633193 CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US 2019-06-25 10:15:26 2019-09-23 10:15:26 forumturkce.monstermmorpg.com - 1 entries duplicate nr. 1
985540908 CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US 2019-06-25 08:58:10 2019-09-23 08:58:10 forum.monstermmorpg.com - 1 entries duplicate nr. 1

So you have all required certificates, one with non-www, one with www.

So first step: Update your bindings.

Domainname Http-Status redirect Sec. G
http://monstermmorpg.com/
138.128.2.226 301 http://www.monstermmorpg.com/ 0.227 D
http://www.monstermmorpg.com/
138.128.2.226 200 0.707 H
https://monstermmorpg.com/
138.128.2.226 301 https://www.monstermmorpg.com/ 1.154 N
Certificate error: RemoteCertificateNameMismatch
https://www.monstermmorpg.com/
138.128.2.226 200 1.466 I

Your www binding is correct, your non-www binding uses the wrong certificate.

First step - all bindings must work, recheck the domain if the Grade N is gone.

Second step - update your redirects. But it’s the second step. And you have already a redirect https + non-www -> https + www.

Thank you very much for reply

How am I going to bind non-www to correct one can you explain to me?

that is my primary problem that grade N

Your Topic has the screenshot of your binding. Select the correct certificate.

I have bound it to monstermmorpg.com generated by letsencrypt but still not working

there is alsowww.monstermmorpg.com binding but it also gives error

here available bindings

What’s the error message?

It does not give any binding error

But the https error persists

Currently it is set to monstermmorpg.com but the error persists

1 Like

That’s simple.

You have a lot of domains on one server.

So you have to check the

Require Server Name Indication

One domain (the “standard domain”) without that check. All other domains -> that must be checked.

The server-daten.de server has the same config: One host doesn’t use that checkbox, there is the *.server-daten.de wildcard certificate. All other domains must use SNI to work, then an individual certificate is possible.

I have selected that option but still gives SSL error

If you tell me what steps i need to do i can do that

I am willing to compose a wild card SSL certificate

1 Like

Ok i have found the solution

I have to check Require Server Name Indication for all domains that uses same IP

1 Like

How do I create a default SSL for clients that has no SNI capabilities with letsencrypt?

image

1 Like

These are Windows XP + IE6.

Select one domain as “main domain”, then uncheck that box.

It works only both main and the other http is marked as SNI works

If i don’t mark main one and mark only https redirect, still https redirect giving SSL error

Here let me show

main site bound to 2.226 ip

https redirect site bound to 2.226

no other site domain etc is bound to 2.226

but https redirect still giving SSL error

here > https://monstermmorpg.com

1 Like

That’s a curious configuration. Is it required to select a special ip address? Use always *.

And check your configuration online, then you see, which certificate is used. Last own check - https://check-your-website.server-daten.de/?q=monstermmorpg.com - your non-www uses the www version.

Looks like your configuration is too difficult, so there are errors.

Actually it uses its own certificate

However since main domain SNI is not enabled, giving that error. When I click SNI for main site in IIS as well, it starts working

I have tried bound to * version as well still SSL error persists

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.