SSL For Redirected Domain

[baldidiot]

How do you handle ssl certs for a redirected domain? Eg: https://www.olddomain.com to https://www.newdomain.com

Without ssl on olddomain.com the user gets a security error before the redirect but let's encrypt doesn't seem to let you set up or renew a certificate for a redirected domain, even if the server IP is the same (ie: if olddomain.com redirects via a htaccess file stored on the same IP as newdomain.com).

I can get around it by temporarily removing the redirect to set the certificate up and then putting it back afterwards, but in that scenario it won't renew so you're stuck doing it long term which doesn't seem like a viable option.

[Aaron]

I have the similiar problem with SSL, i started new website, but before my domain become https i have fixed some backlinks on http version. i have redirect now, but what do you think guys, should i changed links into https or just leave it as it is?

[gil.langelaan]

301 redirect and wait

[Michael Martinez]

You could try aliasing the domain. I've got some aliased domains that Cpanel assigned Comodo certificates to. The alias implements a 301 redirect without requiring a hosting account (or setting up an Addon domain).

I don't know if Let's Encrypt would facilitate that.

[baldidiot]

I have the similiar problem with SSL, i started new website, but before my domain become https i have fixed some backlinks on http version. i have redirect now, but what do you think guys, should i changed links into https or just leave it as it is?

This isn't really the same thing as I was talking about. But yeah, just redirect. Google have said they don't drop juice from a http to https redirect.

[baldidiot]

You could try aliasing the domain. I've got some aliased domains that Cpanel assigned Comodo certificates to. The alias implements a 301 redirect without requiring a hosting account (or setting up an Addon domain).

I don't know if Let's Encrypt would facilitate that.

It's not cpanel so that's not an option (on a VPS on digital ocean).

What I ended up doing was removing the redirect so I could issue the SSL cert and then added it back in. I'm hoping that when the time comes it'll renew as it resolves to the same IP.

I have SSLs set up this way from sites that have been redirected and where the SSL was set up when the site was live and it does seem to renew, but not 100% if that'll work long term.

[universal4]

It's not cpanel so that's not an option (on a VPS on digital ocean).

What I ended up doing was removing the redirect so I could issue the SSL cert and then added it back in. I'm hoping that when the time comes it'll renew as it resolves to the same IP.

I have SSLs set up this way from sites that have been redirected and where the SSL was set up when the site was live and it does seem to renew, but not 100% if that'll work long term.

Sounds like the most logical method to fix it.

My guess the renewal may or may not work as planned unless the hostname matches. If you are using the dns method of auth, it would probably be ok, (most difficult method to get working) but usually for auth the hostname needs to answer.

Rick
Universal4

[baldidiot]

My guess the renewal may or may not work as planned unless the hostname matches. If you are using the dns method of auth, it would probably be ok, (most difficult method to get working) but usually for auth the hostname needs to answer.

That's what I was worried about, would be annoying having to muck about to renew.

Having said that I just tried a manual renewal of the certificate and it worked fine even with the redirect in place so maybe it will work long term.