We have a Wordpress website that has an SSL certificate for all non-www pages. So, we've tried setting the Wordpress address URL to https://mydomain.com in the General Settings screen. The redirect works if you try entering www.mydomain.com, but only after you accept the certificate on the untrusted connection. So it needs to run the redirect before it checks. It also doesn't seem to redirect if no 's' is added to the http, but I've found plugins that say they'll fix that, but nothing seems to fix my other problem.
+1
A:
Detailed explanation: http://noctis.de/archives/11-Using-WordPress-with-SSL.html :)
Maybe you need to add one more VirtualHost or to buy an wildcard certificate.
<VirtualHost my.ip:80>
ServerName example.com
ServerAlias www.example.com
RedirectPermanent https://example.com
</VirtualHost>
Or try to add an .htaccess file:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://example.com/$1 [R,L]
Source: http://www.besthostratings.com/articles/force-ssl-htaccess.html
gearsdigital
2010-07-21 18:55:31
Ehh, that didn't help either, still getting an untrusted connection error when going to the website with www.
Joren
2010-07-21 19:14:37
@gearsdigital link is good and obviously worked. If you're getting an untrusted connection error than that most likely means your SSL certificate does not match the domain that you are invoking HTTPS on. Shared domains or wild card domains will always do this and I believe this will happen for sub-domains of your domain as well, but I'm kind of rusty on that topic. Could someone clarify/correct me on that?
hsatterwhite
2010-07-21 19:53:24
SSL is for the domain without the WWW. The problem is, I can't get any redirects to work on wordpress to automatically redirect WWW to non-WWW. Basically, if the user types in 'https://www.mydomain.com' I need it to redirect to 'https://mydomain.com'. I can get those redirects to work fine without the secure protocol, but it only works with the s in there AFTER the user has authorized the bad cert
Joren
2010-07-21 20:34:01
A lot of browsers, including Chrome and FF can throw 'untrusted' warnings if a certificate is self-signed - is that the case with yours?
TheDeadMedic
2010-07-21 21:30:13
Again, the certificate is only for NON-WWW. People are able to visit https://www.mydomain.com and see that it is untrusted, I need that to redirect to https://mydomain.com. Redirection seems to only work after a user says to 'go ahead' and try to visit https://www, is it even possible for this to work since everyone keeps asking these questions over and over?
Joren
2010-07-21 21:42:48
Yeah, sadly the client already only has just a regular certificate, so we were trying to avoid telling them to buy a new one :(
Joren
2010-07-22 14:57:15