Only one URL format shows the https security lock

I have successfully created certificates for my domain using:
./letsencrypt-auto certonly -a manual --rsa-key-size 4096 -d example.com -d www.example.com —debug

The problem is that only one URL www.example.com is converted to https://www.example.com

The remaining URLs do not show the https security lock:

example.com
http://example.com
http://www.example.com

How can I fix this?

Thanks

When using certonly you’re responsible for installing the certificate. So without more information of your webserver setup and configuration, we can only guess.

Also, your domain name would be helpful.

Thanks so much for your time and reply.

The certificate had been installed using the cPanel on my hosting account.
Domain is pub2appdotcom

The certificate that’s issued for that domain is valid for both with and without the www.

So I think you’d have to ask your hosting provider.

Thanks again for your reply.

My last two question:

  1. May you please suggest an inquiry to forward it to my hosting provider? I just want to be specific as can as possible.

  2. May you please also suggest me a way from here to follow or a starting point in order to have a working certificates with my domain?

Thanks again

It may have just needed time to update - both are working OK for me. Do you still get an error ?

or perhaps I mis-understood - are you meaning the “http” versions not redirecting ?

Thanks for your reply.

No, you did not misunderstood. As you have mentioned, the http version does not show the ssl connection. Additionally, the domain without the ‘www’ also does not show the ssl.

Please have a look at this image: http://imgur.com/a/3ujnD

Thanks so much

https://pub2app.com/ works, you just need to setup a redirect from http://pub2app.com/ as you have on the www version.

as @xxjfe says, the https: sites work - you simply need to set up the redirects.

You can do this in your apache config, or .htaccess. I tend to use

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

to redirect to https

@xxjfe Thanks very much for your reply. I will setup the redirect as you have kindly advised. However, I did not setup any redirect in order for the www version to work. Is it a must to setup a redirect or it can work without it?

@serverco Thanks so much for .htaccess code

Just noticed the www version doesn’t have a redirect either. When most people type pub2app.com or www.pub2app.com into their browser they will get the non-https version. A redirect is necessary if you want to change this.

@xxjfe Thanks again. How could you know that the www version doesn’t have a redirect? I will be thankful to let me know.

Go to http://www.pub2app.com/ (you might need to use another browser or incognito window).

If you don’t set redirections in your virtualhost, no one will do it for you !

The webserver is doing what you tell him to do.
If you say him to serve non https website, it will do it.

HTTP = port 80
HTTPS = port 443

So, you have to redirect users on the wanted port.

@bosco Thanks so much for your reply

Do you still need some help? I can give some code from my installation.

@ADTC Thanks for your post. Yes, any kind of help is really appreciated.

A possible explanation for what you’re seeing is that you manually went to the HTTPS version of your www.pub2app.com site, so your browser remembers that and completes that when you type in www.pub2app.com. But since you haven’t visited the HTTPS versions of the other sites, the browser doesn’t know to prefer them.

Other commenters here are right to say that you want to set up a redirect in the web server and that how to do that depends on what web server software you’re using.

@schoen Thanks so much for your reply and explanation. So sorry for my late reply.

Regarding the browser issue, I have put this issue into considerations and tried four different browsers; chrome (new incognito window), safari, firefox (new private window), and tor. After each visit, I clear the browser’s cache then I close it. I open the browser, clear the browser’s cache, then revisit. All previous steps lead to same results.

Redirect had solved the issue. However, I expected that the non-www version will redirect automatically like the www version without configuring .htaccess.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.