I have currently the following isse and I’d be really happy, if someone could assist me on finding the right approach.
I have installed discourse on an Ubuntu 21.10 server on Vultr
went with the default setup and created already a let’s encrypt certificate (for www.example.com) during the installation
My goal is that my forum is reachable only through www → www.example.com and not example.com
→ http://example.com correctly redirects (301) to https://www.example.com
→ http://www.example.com correctly redirects (301) to https://www.example.com
→ https://example.com throws a certifcate error and is not redirected to the correct https://www.example.com (the certificate was issued for www.example.com and not for example.com)
What is the best approach to make https://example.com redirect to https://www.example.com and how can I achieve my goal?
Nevertheless, I think this is still not a desirable solution, as it relies on an external service. Of course, it is free of charge, but you’ll need to find a new solution once this service is down.
I hope you don’t get me wrong @michaeld , it’s really a nice and easy solution which you are offering and I highly appreciate it.
It would be pretty cool thing, if you could decide during the standard install to go only with a www or non www version to make our life a little bit easier
Though I haven’t tested it in the just month, I’m pretty sure it works. If you didn’t have your DNS set up correctly and ran it a bunch of times then you got rate limited.
Do you mean “and request a certificate with both hostnames?” That’s way too hard. The likelihood that it will just break things for lots of people who don’t know how to configure dns that way is very, very high.
If you create a cert for both the apex and the www version, you’ll have both covered. :smiley As you stated, the cert does not include your apex domain… thus the error.
Your redirects should be:
http://example.com → https://example.com
http://www.example.com → https://www.example.com.
Then redirect https://example.com → https://www.example.com (your stated preferred domain).
Then no matter whether someone types in the apex domain or the www version, they’ll land on your https://www.example.com without any errors. Best practice is to include both the apex and the www on your cert. Just make sure your amended/new cert is the one being served by your server, and not the old one.
I see. And now you mentioned it I’ll start to remember — that was the second reason why I put Discourse behind ”normal” Nginx. The first reason was need to do some filtering. Well, my solution isn’t anykind fancy or technically demanding but not so popular at this circle.
I must say docker is not very user friendly solution if such really trivial thing must be done using third party web-service. Otherwise docker must be very useful I reckon, unless it wouldn’t come so popular.
Thanks for the advice @pfaffman . I’ll give it a try again during the weekend.
and about the second topic. I see your point, but this might be something like an advanced setting or optional setting, because it is really crucial that the same content is reachable only through one domain.
Actually it is not (unless Discourse itself doesn’t work). But if you are referring to SEO and Google such subdomain issue hasn’t been so serious for long time. Google can live with that, because there is just one domain — one is stub’ish FQDN and one with www is real one.