stackoom
  简体   繁体   中英

www to non www on https not working

 原文  2015-01-09 01:43:48       wordpress/ .htaccess/ ssl

Question

I know that this is somewhat a common question BUT I've done my part and tried everything people suggested on other questions and nothing works out so please bear with me...

I have a website that I've purchased an SSL certificate yesterday, I managed to move the site to https completely but I'm still having this problem:

When a user tries to reach the site on https with WWW, I get a certificate error. 

Every other combination works fine (http://www to https:// non www works).

So basically my end goal is to get the user to the https://nonwwwversion of a URL from every combination

Example: User tries to reach site from a link which is like 

https://www.example.com/xyz

they should be redirected to 

https://example.com/xyz

but it just doesn't work.

The site is wordpress, I've attacked this from every possible angle but couldn't get it to work, neither did the hosting guys unfortunately.

The SSL is a RapidSSL Standard, which has the non www. version of the site as common name, maybe thats the problem?

My .htaccess file looks like this: 

RewriteEngine On

RewriteCond %{HTTPS} off [OR]
RewriteCond ^www\. [NC]
RewriteRule ^ https://mysite.com%{REQUEST_URI} [R=301,NE,L]
# BEGIN W3TC Browser Cache
# END W3TC Browser Cache
# BEGIN W3TC Page Cache core
<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
    RewriteCond %{HTTPS} =on
    RewriteRule .* - [E=W3TC_SSL:_ssl]
    RewriteCond %{SERVER_PORT} =443
    RewriteRule .* - [E=W3TC_SSL:_ssl]
    RewriteCond %{HTTP_COOKIE} w3tc_preview [NC]
    RewriteRule .* - [E=W3TC_PREVIEW:_preview]
    RewriteCond %{REQUEST_METHOD} !=POST
    RewriteCond %{QUERY_STRING} =""
    RewriteCond %{REQUEST_URI} \/$
    RewriteCond %{HTTP_COOKIE} !(comment_author|wp\-postpass|w3tc_logged_out|wordpress_logged_in|wptouch_switch_toggle) [NC]
    RewriteCond "%{DOCUMENT_ROOT}/wp-content/cache/page_enhanced/%{HTTP_HOST}/%{REQUEST_URI}/_index%{ENV:W3TC_SSL}%{ENV:W3TC_PREVIEW}.html" -f
    RewriteRule .* "/wp-content/cache/page_enhanced/%{HTTP_HOST}/%{REQUEST_URI}/_index%{ENV:W3TC_SSL}%{ENV:W3TC_PREVIEW}.html" [L]
</IfModule>
# END W3TC Page Cache core
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

2 answers

solution1
 0  2015-01-09 02:48:56

It sounds like the problem is you don't have a valid SSL cert for www . If you didn't order it that way you only got domain.com . You should ALWAYS order the www version then you automatically get the non domain version but that is not always the case the other way around depending on the CA you get it from.

The problem is it has to do the handshake and connect to the site before any rewrite rule will take place. So if you don't have a valid cert for WWW , most likely you will get a WARNING page stating it's unsafe and not to trust the site.

The only way to fix that is to get another cert that contains both WWW and Non WWW . Remember WWW is actually just another subdomain.

Remember create the CSR with the www.domain.com version and they will give you non www version included(Most CA's will). So you don't have to pay extra.

solution2
 0  2015-04-01 09:46:31

RapidSSL covers both www and non-www, BUT you have to order your certificate with www (www.domain.com), which means your Common Name must be written with www when creating your CSR on the server. If you order the certificate without www (domain.com), then the www option will not be automatically covered by the certificate.

www.domain.com is a subdomain to domain.com, many people forget that. This means, if you order it without www, it means you might not want the subdomains to be included in your SSL, which is why they don't provide it by default in a package.

I have made the same mistake buying my first certificate at RapidSSL, I canceled the order (we got a refund, cause it was canceled within 30 days) and then reordered the new one with www as Common Name and it worked.

When it comes to redirects, if you have server access, in Apache this is the best option to redirect to https 

<VirtualHost *:80>
    ServerName domain.com
    ServerAlias www.domain.com
    Redirect / https://domain.com
</VirtualHost>

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question non www to www for both http and https not working Redirecting https://www to https://non-www Redirect https://www to https://non-www .htaccess in Wordpress for https and www to non-www htaccess redirect for www to non-www not working .htaccess redirect http/https www to https non-www wordpress htaccess http www redirect to https non-www .htaccess force redirect of https://www to https:// not working Redirect all traffic to https:// non-www Redirect non www to www, but its only working for home page
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM