This is to address the problem where you get certificate errors with any redirects or CNAME DNS entries which point to your actual installed Discourse (sub)domain.
If you do not have https configured already (you do if you have done a standard install recently) see Setting up Let’s Encrypt as your first step.
There are three patterns that need to be replaced. Enter your (sub)domain (and any additional subdomains preceded by -d ) and then add the following to your app.yml hooks section (towards the end of the file):
2025-04-23 @pfaffman changed the code because there’s a 3rd place it needs to be changed
after_ssl:
- replace:
filename: /etc/runit/1.d/letsencrypt
from: /-d =domain1= /
to: "-d =domain1= -d =domain2= "
global: true
New untested code added by @pfaffman 2025-07-29T20:57:00Z
There have been changes to how lets encrypt works recently (see Bootstrap error during Discourse install: ENOENT - /etc/runit/1.d/letsencrypt). @pfaffman hasn’t tested this yet, but I think this might work: (If it does, please let @pfaffman know and/or just edit the above and replace with this once you see that it works).
after_ssl:
- replace:
filename: /usr/local/bin/letsencrypt
from: /-d =domain1= /
to: "-d =domain1= -d =domain2= "
global: true
This will allow you to have HTTPS configured for a second domain that will redirect to the correct one without certificate issues.
If you need to add multiple extra domains, you can enter something like this in the domain2 field: www.bananas.com -d forum.bananas.com
For example, if you want people who visit https://forum.example.com to be redirected to your forum at https://community.example.com without a certificate error, this is all you need.