Newbie problem with expanding the certificate

Happy to read that. You have rechecked your domain, now I see a Grade E.

Both connections are secure, no loop, no http status 500. The certificate has both domain names and is 87 days valide.


Later you may change the details: Correct redirect (Grade A, not E) and only one http status 200 as result (one preferred version).

Ah, got it to grade C. But this alludes me:

C Error - more then one version with Http-Status 200

Any suggestions?

You don't have a preferred version:

Domainname Http-Status redirect Sec. G
• http://psykolog.nu/
178.79.154.124 301 https://psykolog.nu/ 0.044 A
• http://www.psykolog.nu/
178.79.154.124 301 https://www.psykolog.nu/ 0.043 A
• https://psykolog.nu/
178.79.154.124 200 5.250 A
• https://www.psykolog.nu/
178.79.154.124 200 5.257 A

So some users read the https + non-www, other the https + www - version, users may add links to both versions, search engines may spider both, so you have duplicated content.

So choose one version as the preferred version.

And add a redirect https + not-preferred-version -> https + preferred-version.

4 urls, three redirects, at the end, every user has the same site.

Compare it with other sites who has a www and a non-www dns entry and grade A or B.

First: very grateful for all the help!

Now, I understand what I have to do but not how I should go on with this. I have following nginx config:

#redirect all www to non-ww 

server {
        server_name www.psykolog.nu;
        ssl_certificate /location ;
        ssl_certificate_key /location;
        include /etc/letsencrypt/options-ssl-nginx.conf;
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
        listen *:80;
        listen *:443 ssl;
        listen [::]:80 ipv6only=on;
        listen [::]:443 ssl ipv6only=on;

        return 301 https://psykolog.nu$request_uri;
}

# Redirect all non-encrypted to encrypted
server {
        server_name psykolog.nu;
        listen *:80;
        listen [::]:80;
        return 301 https://psykolog.nu$request_uri;
}

#main

server {
        listen 443 ssl default_server;
        listen [::]:443 ssl default_server;
        server_name psykolog.nu;
     
        ssl_certificate /location;
        ssl_certificate_key /location;
        include /etc/letsencrypt/options-ssl-nginx.conf;
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
     
   root /location;
   index index.html index.htm index.nginx-debian.html;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;
        }

}

Why do I still get:
ā€œC Error - more then one version with Http-Status 200ā€?

SIte: https://www.psykolog.nu/
fails to redirect.

Change:
#redirect all www to non-www
server {
server_name www.psykolog.nu;
ssl_certificate /location ;
ssl_certificate_key /location;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
listen *:80;
listen *:443 ssl;
listen [::]:80 ipv6only=on;
listen [::]:443 ssl ipv6only=on;
return 301 https://psykolog.nu$request_uri;
}

into two separate blocks:
[and adjust the redirection to be more as expected]

#redirect all www to non-www 80
server {
server_name www.psykolog.nu;
listen *:80;
listen [::]:80 ipv6only=on;
return 301 https://www.psykolog.nu$request_uri;
}

#redirect all www to non-www 443
server {
server_name www.psykolog.nu;
ssl_certificate /location ;
ssl_certificate_key /location;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
listen *:443 ssl;
listen [::]:443 ssl ipv6only=on;
return 301 https://psykolog.nu$request_uri;
}

This definition

isn't used. If this block would be used, my tool would see a redirect http + www -> https + non-www, that would be a Grade E.

But you don't have a Grade E. Your last check ( psykolog.nu - Make your website better - DNS, redirects, mixed content, certificates ):

Domainname Http-Status redirect Sec. G
• http://psykolog.nu/
178.79.154.124 301 https://psykolog.nu/ 0.046 A
• http://www.psykolog.nu/
178.79.154.124 301 https://www.psykolog.nu/ 0.047 A
• https://psykolog.nu/
178.79.154.124 200 5.217 A
• https://www.psykolog.nu/
178.79.154.124 200 5.203 A

So you have a second server with the same server name (or the default) and port 443 without a redirect.