Redirect https://example.com to https://www.example.com

nginx

We got a wildcard certificate from Thawte and this isn't valid for https://example.com.

So we'd like like to forward all requests from https://example.com to https://www.example.com without getting a cert-error.

Is this possible in nginx?

my configuration:

server {
    listen 80;

    server_name example.ch
                www.example.ch
                api.example.ch;

    if ($host = 'example.ch' ) {
        rewrite  ^/(.*)$  https://www.example.ch/$1 permanent;
    }

    rewrite ^ https://$server_name$request_uri? permanent;
}

server {
    listen 443;

    if ($host = 'example.ch' ) {
        rewrite  ^/(.*)$  https://www.example.ch/$1 permanent;
    }

    ssl on;
    ssl_certificate      /etc/nginx/ssl/example.crt;
    ssl_certificate_key  /etc/nginx/ssl/example.key; 

    server_name example.ch
                www.example.ch
                api.example.ch;

    ...
}

It isn't possible, full stop. SNI notwithstanding, a browser told to go to https://example.com is going to get mighty grumpy about being redirected anywhere else before any valid certificate has been presented for example.com - if it didn't, SSL certificates would be substantially pointless.

As others have pointed out, there is no way to support this without getting a certificate that is in some way valid for the initially-requested domain.

Related

Problem Activating "Windows Communication Foundation Non-HTTP Activation" feature in Windows 7
Can't raise nginx max files opened limit
Advantages / disadvantages of having DynDNS access on a computer vs the router
Apache + PHP-FPM + chroot results "File not found." error
Only receiving one document at a time from new web server
mysql data loss after server crash
Scrub header for internal servers in Postfix?
Postfix - Mail system is down
Openvpn - enabled redirect gateway but can't access any websites
Proliant dl380p gen8 Debian booting [closed]
DNS Resolution for example.com - Can you explain? [closed]
301 IIS Redirect