I have generated certificates for my 2 domains www.example.com and example.com
And here are the .conf files for both HTTP and HTTPS protocols:
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/html/funapps
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.com [OR]
RewriteCond %{SERVER_NAME} =www.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [NE,R=temp]
</VirtualHost>
And in a different file:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/html/funapps
<Directory /var/www/html>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/www.example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.example.com/privkey.pem
</VirtualHost>
</IfModule>
Now, this happens:
If I visit http://example.com or https://www.example.com, I'm redirected to https://example.com and https://www.example.com respectively. But as you see, I've provided certificate for www.example.com only, the browser shows security warning for non www domain.
So basically, I want to know what option would be better to handle 2 certificates for these 2 domains?
- Adding IF / ELSE condition for SSL certificate file in same HTTPS virtual host section (I don't know how to do this) OR
- Specifying 2 different HTTPS virtual hosts containing their respective certificates?
