Correct DNS records to set when Discourse is hosted on WWW subdomain?

Installation
1

Hi

I have setup Discourse in a Digital ocean droplet, using their 1 click install. I set the hostname to www.mydomain.com and I chose to issue an SSL certificate with Let’s Encrypt.

My domain is hosted with namecheap and I have set the following DNS records:

A Record    WWW   my_droplet_ip_address
A Record    @         my_droplet_ip_address
CNAME      @         www.mydomain.com

I believe everything is set correctly and on my desktop and laptop I can access the site successfully using each of the following URLs (all URLs redirect to https://www.mydomain.com):

https://www.mydomain.com
https://mydomain.com
http://www.mydomain.com
http://mydomain.com

However, on my Android phone I get a NET::ERR_CERT_COMMON_NAME_INVALID warning when accessing the site using these URLs:

http://mydomain.com
https://mydomain.com

I believe my device may be caching an old certificate as I migrated Discourse from the naked domain to the WWW subdomain having read on this forum that using the naked domain isn’t recommended. However, clearing the cache/data isn’t fixing it so I thought I’d ask if I have anything obviously wrong with my current DNS setup?

Many thanks in advance.

1 Like
2

Discourse generated a certificate only for the www address. If you agree the apex domain via http you get redirected as you expect, but if you access it with https, you get an error.

There are some topics about how to generate a cert for both domains. You might see forcewww.com. That’s easier.

2 Likes
3

Thanks for your reply. I assume you are referring to this topic?

The issue I had with following this was I don’t appear to have a /etc/nginx directory on my Digital Ocean instance. Do I need to install Nginx manually?

Alternatively, if I were to reinstall Discourse on the naked domain (without the www), would that solve this problem or would I just face the same issue if users were to access it via https://www. ?

Apologies if I’m asking obvious/beginner questions, this area of computing isn’t what I’m familiar with.

1 Like