I added a wildcard certificate to rajnarayanan.com via the Plesk panel. But, the Plesk SSL Certificate page for weatherapp.rajnarayanan.com says that "www" is not secured. When I visit weatherapp.rajnarayanan.com, it works fine and shows the padlock icon. But going to www.weatherapp.rajnarayanan.com shows a page that says "DNS_PROBE_FINISHED_NXDOMAIN" with the "This site can’t be reached" error message.
How can I secure "www" for the subdomain with a wildcard certificate? Some users may go to www.weatherapp.rajnarayanan.com and get this error message.
Information online on this issue with Let's Encrypt is very confusing. I also removed the www DNS A record in my DNS records, but I still get the same error message. Thanks for your help in advance.
[basic steps for every site]
Step #1: DNS - make sure that FQDN resolves to the required IP(s).
Step #2: Hosting - make sure the name(s) can be served by the web server
Step #3: TLS - make sure to get a cert that covers all names
In your case, you already have a TLS wildcard cert that (you might presume) covers both names.
So, I'd focus on steps 1 & 2 [in that order]
But it is highly likely that your cert doesn't cover both names, and you will need to replace it with one that does.
Note:
A wildcard cert for *.example.com (with only 2 dots) will NOT cover names with more than 2 dots.
Like: www.site.example.com
[this has 3 dots and needs a wildcard cert *.site.example.com OR an explicit FQDN in the cert SAN]
Actually, I just added a www.weatherapp (www.weatherapp.rajnarayanan.com) A record in the DNS settings and the SSL certificate was able to protect the www subdomain.
Ok. I believe you. But, the important thing is when a user navigates to www.weatherapp.rajnarayanan.com, they are automatically redirected to weatherapp.rajnarayanan.com which is what I wanted to accomplish. So, I'm happy unless this may not be the most ideal solution.
There are four cases that must all be covered correctly for things to work in all cases:
http://www.weatherapp.rajnarayanan.com/
As per your post, this one should redirect to: http://weatherapp.rajnarayanan.com/
http://weatherapp.rajnarayanan.com/
Presumably would be redirected to HTTPS: https://weatherapp.rajnarayanan.com/
https://www.weatherapp.rajnarayanan.com/
As per your post, this one should redirect to: https://weatherapp.rajnarayanan.com/
But before it can, it must satisfy the secure request - which requires a cert covering its' name.
https://weatherapp.rajnarayanan.com/
This is where you want all clients to end up at.
Not all cases have been covered [yet]. #1, #2, #4 work #3 fails