SSL Certificate – Fix SSL Certificate Error in Domain Redirection

301-redirectdomain-name-systemredirectssl

I am managing two domain names and want to redirect one to the other. I set up a domain forwarding with 301 permanent redirection from domain S (source) to domain T (target). The server on domain T redirects all HTTP to HTTPS. The browser is redirected if I visit http://<domain-S>.

If I visit https://<domain-S> (note the S for TLS), I see:

Firefox detected a potential security threat and did not continue to <domain-S>.  ...

Firefox does not trust this site because it uses a certificate that is not valid for <domain-S>. The certificate is only valid for the following names: shortener.secureserver.net, www.shortener.secureserver.net

Error code: SSL_ERROR_BAD_CERT_DOMAIN

Please note that the HTTPS configuration is working well for <domain-T>. I believe that the problem is that the SSL certificate for https://<domain-T> is being served for https://<domain-S>.

How can I redirect the domain before serving the certificate?

Best Answer

You must provide a valid certificate when the browser visits https://<domain-s>, the certificate check is performed before processing the page content/redirects/... and this is by design.

If you can't create a certificate for domain S and another for domain T, you can list both domains in Subject Alternative Name of your certificate: RFC5280, Section 4.2.1.6

The subject alternative name extension allows identities to be bound to the subject of the certificate. These identities may be included in addition to or in place of the identity in the subject field of the certificate.

Related Topic