Problem with no www url

My domain is: www.thomasdl.fr

I ran this command: Did the certificate for my domain www.thomasdl.fr

It produced this output: Everything is working correctly until i try to reach my website with https://thomasdl.fr (thomasdl.fr, www.thomasdl.fr , http://thomasdl.fr and such works) but I’m getting a certificate problem with the url that i just wrote before. I can’t figure out what to do even looking on stack overflow it didn’t change much. And here is my nginx config :

server {
        listen 80;
        server_name _;
        return 444; }
server {
        listen 80;
        server_name www.thomasdl.fr;
return 301 https://www.thomasdl.fr$request_uri;
}
server {
        listen 443 ssl;
        server_name www.thomasdl.fr;

        ssl_certificate /etc/letsencrypt/live/www.thomasdl.fr/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/www.thomasdl.fr/privkey.pem;

        location / {
                root /var/www/website;
        }

        location /api/ {
                proxy_pass http://127.0.0.1:8080/;
        } 
}

My web server is (include version): nginx-1.19.1

The operating system my web server runs on is (include version): Debian 10

My hosting provider, if applicable, is: OVH

I can login to a root shell on my machine : yes

I’m using a control panel to manage my site : no

The version of my client is : certbot 0.31.0

Thank you :wink:

2 Likes

Hi @TomLorenzi

that’s simple:

  • Your server definition has only one name
  • Your certificate has only one name

Use

server_name www.thomasdl.fr thomasdl.fr;

restart your nginx, create one certificate with both domain names and use that.

If your certificate doesn’t have the non-www domain name, but your server answers, the certificate is invalid.

3 Likes

Then i have to add to my config :

ssl_certificate /etc/letsencrypt/live/thomasdl.fr/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/thomasdl.fr/privkey.pem; 

Isn’t it an easier way to just redirect https://thomasdl.fr to https://www.thomasdl.fr ? Even if it’s working correctly like this

2 Likes

Please try it.

That requires a valid certificate with the non-www domain name.

3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.