apache redirect http to https and www to non www

You will have to re-issue your certificate for both www and without www.

If someone connects to your site via a domain name that is not included in your common name, they will receive a warning.

The ssl negociation process happens before any response from the server (in your case, a redirection), so in all cases, your visitors will receive a warning when using a domain that is not in your common name.


You can get what you need from the HTTP_HOST

RewriteEngine On 
RewriteCond %{HTTPS} off 
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.*)$ [NC]
RewriteRule (.*) https://%1%{REQUEST_URI} [L,R=301]

This way it will get the host always without the subdomain.


RewriteEngine On 
RewriteCond %{HTTPS} off
RewriteRule (.*) https://domain.com%{REQUEST_URI} [L,R=301,NC]
RewriteCond %{HTTP_HOST} ^www.domain.com [NC]
RewriteRule (.*) https://domain.com%{REQUEST_URI} [L,R=301,NC]

If you are using CloudFlare's free account then that's the problem. CloudFlare's free account does NOT support SSL Certificates. To continue using CloudFlare's free account with an SSL Certificate just go to the DNS settings in CloudFlare and take the orange cloud off of your domain and off of the cname WWW. That will fix your problem and cause both www and non-www to be redirected to https.

Also be sure to add this code to your .htaccess file:

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Then, everything should work!