Nginx – Lets Encrypt Nginx – Your connection is not secure – for wrong subdomains

lets-encrypt nginx ssl wildcard-subdomain

I have encryption from Let's Encrypt, which is working fine.
My configuration of Nginx allows only SSL connections.
www.example.com, example.com, blog.example.com – all are working fine.

The problem

If I type www1.example.com or blog12.example.com, there is an error: Your connection is not secure

I've read that this is related to wildcard certificates, but Let's Encrypt doesn't support them yet.

Question

Is it possible to change the configuration to get a server not found error instead of Your connection is not secure for those "mistyped" subdomains?

Info

  • Let's Encrypt call

    sudo letsencrypt certonly -a webroot --webroot-path=/var/www/html -d example.com -d www.example.com

  • /etc/nginx/sites-available/example

    server {
        listen 80 default_server;
        listen [::]:80 default_server;
        server_name example.com www.example.com;
        return 301 https://$server_name$request_uri;
    }
    
    server {
    
        # SSL configuration
    
        listen 443 ssl http2 default_server;
        listen [::]:443 ssl http2 default_server;
        include snippets/ssl-example.com.conf;
        include snippets/ssl-params.conf;
    
        . . .
    

Best Answer

This is a DNS problem.

Your problem is that DNS lookups for blog12.example.com (for example) are returning the IP of your web server, instead of returning an NXDOMAIN response. This is probably because you have a wildcard DNS record set up.

To rectify this situation, go to your DNS provider and:

  1. Create an A record for each subdomain that you want to have working (e.g., www.example.com, blog.example.com, etc.), with the same IP as the current wildcard record.

  2. Delete the wildcard record.
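
The two steps above, modelled on a small constructed zone (an added example, not part of the original answer): it shows that with the wildcard a mistyped name resolves to the web server, and that after the replacement it gets NXDOMAIN while the wanted names still resolve. The zone contents, the documentation address 203.0.113.10 and the function names are assumptions.

```python
# Constructed sample zone as (owner, type, value); 203.0.113.10 is a documentation address.
ZONE_BEFORE = [
    ("example.com.", "A", "203.0.113.10"),
    ("*.example.com.", "A", "203.0.113.10"),
]
WANTED = ["www", "blog"]  # subdomains that must keep working


def lookup(zone, qname):
    """Answer an A query like an authoritative server: exact match first,
    then the wildcard under the closest existing ancestor.
    Returns a list of addresses, [] for NODATA, or None for NXDOMAIN."""
    qname = qname.lower().rstrip(".") + "."
    records = {}
    for owner, rtype, value in zone:
        if rtype == "A":
            records.setdefault(owner.lower(), []).append(value)
    if qname in records:
        return records[qname]
    if any(o.endswith("." + qname) for o in records):
        return []  # name exists only as a parent of other names: no wildcard applies
    labels = qname.split(".")[:-1]
    for i in range(1, len(labels)):
        encloser = ".".join(labels[i:]) + "."
        if any(o == encloser or o.endswith("." + encloser) for o in records):
            return records.get("*." + encloser)  # None means NXDOMAIN
    return None


def replace_wildcard(zone, wanted):
    """Step 1: add an explicit A record per wanted subdomain with the
    wildcard's address. Step 2: drop the wildcard record."""
    fixed = []
    for owner, rtype, value in zone:
        if rtype == "A" and owner.startswith("*."):
            parent = owner[2:]
            fixed += [(f"{label}.{parent}", "A", value) for label in wanted]
            continue
        fixed.append((owner, rtype, value))
    return fixed


if __name__ == "__main__":
    fixed = replace_wildcard(ZONE_BEFORE, WANTED)
    for name in ["www.example.com", "blog.example.com", "blog12.example.com"]:
        print(name, "before:", lookup(ZONE_BEFORE, name), "after:", lookup(fixed, name))
```
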
