Not sure why this site is killing me as I've configured SSL on domains before without a problem – but the combination of DNS management and server configuration is hurting my head – so I'm asking for help.
https://joyasolutions.com is the site.
It works in these configurations:
http://joyasolutions.com
https://joyasolutions.com
http://www.joyasolutions.com
It does not work for https://www.joyasolutions.com
Here is what the config looks like:
I have had it configured in other ways – but recently updated the cert and installed the intermmediate cert and it seems to be working great except for the redirect which gives an error for https with the subdomain.
I have tried a cname record configuration and that did not work – but if you want to suggest a specific solution on DNS Made Easy – with cname – let me know. Appreciate any ideas and suggestions. Obviously I need all 4 options working. I'm happy to do configuration in IIS to push to HTTPS always as well – but am not certain exactly what to do about that one.
OK… per help from -Brennan Smith I have changed to cname and have implemented an inbound rule that looks like this:
Best Answer
From what I can see, it appears that you are using two separate SSL certs for www and the root domain.
For the root domain (which works) it's a GeoTrust SSL cert with the following SHA1 fingerprint: DF EC DC 43 0F A3 0F 1B 86 72 D2 4E 87 81 D7 5F F4 70 C8 29
For the www domain (which fails) it's a Self Signed cert with the SHA1 fingerprint of: A4 44 C5 FE 95 45 82 68 7E C0 33 2C 12 B6 11 F7 12 04 D4 A8
It also appears that www and root are to two separate endpoints and www is a redirection node for DNS Made Easy. Since DNS Made Easy doesn't have your SSL cert on their redirector servers, the domain doesn't match.
A very simple fix would be setting www to be a CNAME of the root domain, and let your servers at the core handle the redirect.
On a totally unrelated, but important note - you should make sure that all of the permutations redirect to one single domain for SEO purposes. Getting slammed by Google/Bing for duplicate content is common in this case.