HTTPS only works with www

My domain is: https://www.potatoro.com

I ran this command: sudo certbot --apache -d potatoro.com -d www.potatoro.com

It produced this output: ok

My web server is (include version): Apache/2.4.52

The operating system my web server runs on is (include version): Ubuntu 22.04

My hosting provider, if applicable, is: Me

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.21.0

https://check-your-website.server-daten.de/?q=potatoro.com

1 Like

https do work in base domain, just you are not redirecting to it:

3 Likes

That's because I wanted both urls to work without a 301 redirect.

I guess, you should add something like this to your httpd-xampp and httpd-vhosts :

<VirtualHost *:80>
    ServerName domain.com
    ServerAlias www.domain.com
    Redirect / https://domain.com
</VirtualHost>

I have that

<VirtualHost *:443>

   ServerName potatoro.com

   ServerAlias www.potatoro.com

   DocumentRoot /var/www/html

   SSLEngine on

   Include /etc/letsencrypt/options-ssl-apache.conf



SSLCertificateFile /etc/letsencrypt/live/potatoro.com/fullchain.pem

SSLCertificateKeyFile /etc/letsencrypt/live/potatoro.com/privkey.pem

</VirtualHost>



<VirtualHost *:80>

    ServerName potatoro.com

    ServerAlias www.potatoro.com

    Redirect / https://www.potatoro.com

RewriteEngine on

RewriteCond %{SERVER_NAME} =www.potatoro.com [OR]

RewriteCond %{SERVER_NAME} =potatoro.com

RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

</VirtualHost>

But https://potatoro.com doesn't work

It works for me. Why do you say that? Where are you seeing the problem?

curl -I http://potatoro.com/Test123
HTTP/1.1 301 Moved Permanently
Location: https://potatoro.com/Test123

curl -I http://www.potatoro.com/Test123
HTTP/1.1 301 Moved Permanently
Location: https://www.potatoro.com/Test123

And, you have two kinds of redirects defined. Your redirect / https://... can be removed and is not correct anyway (should have a slash after .com)

3 Likes

On my Linux machine https://potatoro.com works but as soon as I try from my windows device I get a warning "Potential Security Risk Ahead" on Firefox, and this on Brave:

The cert and its chains look fine

Do you have any kind of firewall or HTTPS inspection service on your Windows machine?

Is there further details such as what the invalid name is?

4 Likes

I have Malwarebytes and NordVPN

Do any other websites work with https in your Firefox or brave browser? Because it looks to me like malwarebytes is intercepting the HTTPS requests to protect you but causing this error

4 Likes

Everything else works.
In incognito it does work so it's something in the browser!

1 Like

I am out of ideas then. You can see the Let's Encrypt cert has SAN's names using the ssl checker url I showed earlier. Your browser is getting a different certificate from somebody but it's not your server

Do you have openssl on your windows machine by any chance

4 Likes

I cleared the SSL state of my windows machine and it's working now.
Thanks everyone

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.