Problems redirecting from old .com to new .com

Hey everyone!

I apologize in advance for a question I’m sure has been asked before, but for the life of me I’m not able to find the answer. I just keep getting a ton of results that are not related to my issue.

I originally setup my test website at ParticleConsulting.com and later changed it to ParticleMarketing.com. This has given me a ton of headaches, but I’m through most of them. The last issue I have is that I cannot redirect traffic from ParticleConsulting.com to ParticleMarketing.com. Both have certificates on my Ubuntu/Apache Server and the only error I get from Google Chrome is, “ERR_CONNECTION_CLOSED”. I reached out to 1&1 and the said it had to do with a certificate/SSL issue and that the domain redirect was setup correctly on their end.

Can anyone point me in the right direction on how to go about troubleshooting this error?

My domain is: ParticleMarketing.com (the old one is ParticleConsulting.com)

I ran this command: they both have certificates, I’m not sure what command to run

It produced this output: see above

My web server is (include version): Apache/2.4.29

The operating system my web server runs on is (include version): Ubuntu 18.04.2

My hosting provider, if applicable, is: Digital Ocean

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0

1 Like

Redirection is NOT a function of, nor controlled by, certificates.

What did you do to try to do the redirection?

I find this statement particularly confusing:

when given that the two names return two completely different sets of IP addresses:
Name: particleconsulting.com
Addresses: 2607:f1c0:100f:f000::21d
74.208.236.204

Name: particlemarketing.com
Address: 192.241.130.124

1 Like

In the meantime…

both:
curl -Iki http://particleconsulting.com
curl -Iki http://www.particleconsulting.com
return:
HTTP/1.1 302 Found
Location: https://www.particlemarketing.com

curl -Iki https://www.particlemarketing.com
returns:
HTTP/1.1 301 Moved Permanently
Location: https://particlemarketing.com/

Which all seems “correct”…
Except that https://www.particlemarketing.com will FAIL because the cert doesn’t contain the WWW.
See SSLLabs results

1 Like

So when I tired going visiting www.particleconsulting.com in my browser this morning, it forwarded to particlemarketing.com! Then I tired particleconulsting.com and it failed… I tried it again with http VS https VS www VS non-www and got different results. But then… all of the different versions started working somehow? I’m getting really inconsistent results on the redirection. The error that came up when it failed was, “ERR_SSL_PROTOCOL_ERROR”.

Again I apologize if this is confusing; this isn’t my specialty and I’m waaaaay outside of my comfort zone on this one.

The redirection was setup via 1&1 a week or so ago just like the other unused domains I own. All of those forward correctly with no errors. Again, I verified this on their end to make sure I didn’t mess anything up and they confirmed the issue wasn’t on their side.

I ran the following command to show you that the server has multiple certificates, again I’m not 100% sure why it would come back with different IP addresses?

root@particleconsulting:~# certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log


Found the following certs:
Certificate Name: particleconsulting.com
Domains: particleconsulting.com
Expiry Date: 2020-04-01 03:06:47+00:00 (VALID: 76 days)
Certificate Path: /etc/letsencrypt/live/particleconsulting.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/particleconsulting.com/privkey.pem
Certificate Name: particlemarketing.com
Domains: particlemarketing.com
Expiry Date: 2020-04-01 03:10:51+00:00 (VALID: 76 days)
Certificate Path: /etc/letsencrypt/live/particlemarketing.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/particlemarketing.com/privkey.pem

1 Like

It will “work” only after a visitor accepts the “mismatched” cert.
It is actually NOT working (as built).

You have a couple of options to correct this quickly:

  1. have the forwarding for ParticleConsulting.com changed
    from: https://www.particlemarketing.com/
    to: https://particlemarketing.com/
    [which will match the cert in use]
  2. replace the single name cert particlemarketing.com)
    with: particlemarketing.com and www.particlemarketing.com
    [which will match either name and already forwards to short name]

If you need help with #1, speak with 1&1
If you need help with #2, we are here :slight_smile:

1 Like

Thank you so much for your help in clarifying this! Yes, I ran a new command to include the www. subdomain and it worked perfectly! (Unless you can see something on your end that says otherwise haha!)

Out of curiosity, how were you able to troubleshoot it to find out that info?

And in case anyone sees this in the future, the command I used to fix this was:
certbot --expand -d particlemarketing.com -d www.particlemarketing.com

2 Likes

The CURL command has various parameters; one of which can show the headers of the URL queried.
[It is (typically) in the headers that one can see redirection.]
I also tried the URL in a browser and saw the error firsthand and confirmed it via SSLLabs.
I’m glad you got it all straightened out :slight_smile:

2 Likes

Hi @particle

there are online tools to check such things. So you see all versions, non-www and www, http and https with redirects.

May be easier then using a tool that requires one command per url.

3 Likes