Domain + subdomains for same site + https

Hi,

I am trying to configure www.MYWEBSITE.ORG and MYWEBSITE.ORG for the same WordPress/YunoHost install.
What I want:
a) www.MYWEBSITE.ORG shall be the main domain
b) MYWEBSITE.ORG shall redirect to it

  1. What is the way to do this?
    What shall I configure in YUNOHOST,
    what shall I configure in NGINX,
    and what shall I configure in my DNS?

I would like to have a LET'S ENCRYPT certificate for both domains or just for the main one.

What I have set up so far:

dns

IN A www.MYWEBSITE.ORG MY_UP
CNAME MYWEBSITE.ORG www.MYWEBSITE.ORG

yunohost

I added the domain www.MYWEBSITE.ORG to YUNOHOST
installed my WP to www.MYWEBSITE.ORG
installed the certificate

My issues:
MYWEBSITE.ORG can’t be opened, error below.

Your connection is not private
Attackers might be trying to steal your information from MYWEBSITE.ORG (for example, passwords, messages, or credit cards). NET::ERR_CERT_COMMON_NAME_INVALID

What shall I do?
I suppose the best way is to redirect the user from MYWEBSITE.ORG to www.MYWEBSITE.ORG,
but how shall I best do it?
Are there other options?

Hi there,

I don’t know about the CNAME you seem to have put in your DNS, it might work.

The message you are seeing:

Your connection is not private
Attackers might be trying to steal your information from MYWEBSITE.ORG (for example, passwords, messages, or credit cards). NET::ERR_CERT_COMMON_NAME_INVALID

Is because you probably still have a self-signed certificate. You should request a Let’s Encrypt certificate in the admin interface (Domains > your domain > SSL Certificate > Install a Lets Encrypt certificate). You can also do this from the command line. More info here

1 Like

The issue is different:

www.MYWEBSITE.ORG is defined as my domain, and I have a certificate.

MYWEBSITE.ORG is not defined as a domain, so I can’t install a certificate for it.

Create a file /etc/nginx/conf.d/mywebsite.org.conf

Edit mywebsite.org.conf and put these lines

    server {
        # implemented by default, change if you need a different IP or port
        #listen *:80 | *:8000;

        server_name mywebsite.org;

        # permanent redirect to the www host, keeping scheme and request path
        return 301 $scheme://www.mywebsite.org$request_uri;
    }

Restart nginx:

    service nginx restart

Note:

  1. Replace mywebsite.org with your domain name.
  2. mywebsite.org should not be the default domain for YunoHost (issue https://github.com/YunoHost-Apps/wordpress_ynh/issues/22).
  3. These steps are for when www.mywebsite.org is an installed domain and mywebsite.org is not an installed domain.

Thank you!

I tried exactly what you proposed and it looks like it works for http://mywebsite.org

but not for https://mywebsite.org, which shows

YOUR CONNECTION IS NOT PRIVATE
Unable to communicate securely with peer: requested domain name does not match the server’s certificate. HTTP Strict Transport Security: false HTTP Public Key Pinning: false

(As I see in your conf, the port number 80 is commented out, so as I understand it that should work in all cases, but it doesn’t for me.)

Any idea?

For that, I think you will need to delete the mywebsite.org.conf and install mywebsite.org as a YunoHost domain (with Let’s Encrypt installed on it too) like you did for www.mywebsite.org. Then in /etc/nginx/conf.d/mywebsite.org.conf you need to add `return 301 $scheme://www.mywebsite.org$request_uri;` in the server blocks for port 80 and port 443.

It would look something like this:

    server {
        listen 80;
        listen [::]:80;
        server_name mywebsite.org;
        return 301 $scheme://www.mywebsite.org$request_uri;
        # .......
        # .......
    }

    server {
        listen 443 ssl;
        listen [::]:443 ssl;
        server_name mywebsite.org;
        return 301 $scheme://www.mywebsite.org$request_uri;
        # .......
        # .......
    }

Restart nginx:

    service nginx restart

1 Like

Thank you, I will do this very soon.

First I had to fix my DNS. Is it OK to have two domains pointing to the same IP with IN A?
Or shall one of them be a CNAME?

mywebsite.org. 0 A xx.xx.xx.xx
www.mywebsite.org. 0 A xx.xx.xx.xx

p.s.
this one was not possible: =>

CNAME MYWEBSITE.ORG www.MYWEBSITE.ORG

(error:Error when adding the entry to the DNS zone. (A CNAME RR for a root record is not allowed))
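
The provider's error above follows from the DNS rule that a CNAME cannot share a name with any other record, and the zone apex always carries SOA and NS records. An added example (not from the thread; the record values are constructed and `lint_zone` is a hypothetical helper) that checks the record layouts discussed here:

```python
# Added illustration: lint (name, type, value) records for CNAME conflicts.
# All records below are constructed samples; 203.0.113.10 is a documentation IP.

def normalize(name: str) -> str:
    return name.lower().rstrip(".")


def lint_zone(apex: str, records: list[tuple[str, str, str]]) -> list[str]:
    """Return one message per name where a CNAME coexists with other data."""
    apex = normalize(apex)
    by_name: dict[str, set[str]] = {}
    for name, rtype, _value in records:
        by_name.setdefault(normalize(name), set()).add(rtype.upper())
    # The apex always has SOA and NS, even when the provider's UI hides them.
    by_name.setdefault(apex, set()).update({"SOA", "NS"})
    problems = []
    for name, types in sorted(by_name.items()):
        if "CNAME" in types and len(types) > 1:
            where = "zone apex" if name == apex else "name"
            others = ", ".join(sorted(types - {"CNAME"}))
            problems.append(f"{name}: CNAME at {where} conflicts with {others}")
    return problems


# Layout first attempted in the thread: CNAME on the bare domain.
ATTEMPTED = [
    ("www.mywebsite.org", "A", "203.0.113.10"),
    ("mywebsite.org", "CNAME", "www.mywebsite.org"),
]
# Layout the poster ended up with: two A records.
TWO_A = [
    ("mywebsite.org.", "A", "203.0.113.10"),
    ("www.mywebsite.org.", "A", "203.0.113.10"),
]
# Alternative: A record on the bare domain, CNAME on www.
APEX_A_WWW_CNAME = [
    ("mywebsite.org", "A", "203.0.113.10"),
    ("www.mywebsite.org", "CNAME", "mywebsite.org"),
]

if __name__ == "__main__":
    for label, zone in [("attempted", ATTEMPTED), ("two A", TWO_A),
                        ("apex A + www CNAME", APEX_A_WWW_CNAME)]:
        print(label, "->", lint_zone("mywebsite.org", zone) or "ok")
```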

www should be a CNAME as it is a subdomain, if I am not wrong.

I had a similar issue as the thread starter, and I also created a subdomain in YunoHost (www.mywebsite.org), adding the www entry to the DNS settings at the hosting provider. However, I got the certificate issue when trying to access www.mywebsite.org. https://mywebsite.org worked fine.
I’ve tried all sorts of things, like removing and re-adding the domain.
The problem was that I could not generate a certificate for www.mywebsite.org. The green button was inactive.
In the end I ran the YunoHost diagnostics, and after that it was possible to generate the Let’s Encrypt certificate. The green button became active. After generating the certificate, I could access www.mywebsite.org without getting a certificate error.

I’m wondering why this procedure is not mentioned in the YunoHost DNS documentation? Or did I just not find it? Is it not common to configure a www subdomain in YunoHost?
In my opinion it should be in the YH docs.

That’s a common misconception about subdomains, unfortunately. www has nothing special about it, it is a subdomain like any other. As far as I know, the DNS documentation lets you set up the main domain and any subdomains to point to your server.

So domain.tld, www.domain.tld, and whatever.domain.tld can either each point to their own app, or point to the same site by installing one site app and 2 redirect apps.

Since it’s a common misconception, wouldn’t it be good to briefly mention it on the DNS page in order to help out people like me?

Definitely! You can suggest an improvement of said page with the Escape key.

However, now that I read the page, I do not know why you had to specify both domain.tld and www.domain.tld. The @ DNS entry covers domain.tld and * covers all subdomains, including www.

I did try it without the subdomain, but I got a certificate error (“bad certificate” or the like).
Also, some YH-experienced friends told me that a subdomain is required for www.
I have a second YH server installation on which I can try again without the subdomain later.
thanks.
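
Both certificate errors in this thread (`https://mywebsite.org` failing while the redirect worked over HTTP, and `www` failing while the bare domain worked) come down to which names the served certificate lists. The following added example, which is not code from YunoHost or from any poster, applies simplified left-most-label wildcard matching to constructed name sets; the function names are hypothetical.

```python
# Added illustration: simplified check of a requested hostname against a
# certificate's DNS subjectAltNames (whole left-most-label wildcards only).

def name_matches(pattern: str, host: str) -> bool:
    """Match one SAN entry against a hostname, label by label."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = host.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False  # "*" never spans dots and never matches zero labels
    if p_labels[1:] != h_labels[1:]:
        return False
    # Only the left-most label may be a wildcard in this simplified model.
    return p_labels[0] == "*" or p_labels[0] == h_labels[0]


def cert_covers(sans: list[str], host: str) -> bool:
    """True if any name on the certificate matches the requested host."""
    return any(name_matches(san, host) for san in sans)


def https_redirect_outcome(sans: list[str], host: str, target: str) -> str:
    """What a client sees for https://host when nginx would answer 301.

    TLS is negotiated before any HTTP response is sent, so the redirect is
    only delivered if the certificate presented for `host` covers `host`.
    """
    if not cert_covers(sans, host):
        return "certificate name mismatch"
    return f"301 -> https://{target}/"


# Constructed name sets mirroring the situations described in the thread.
ONLY_WWW = ["www.mywebsite.org"]
ONLY_APEX = ["mywebsite.org"]
WILDCARD = ["*.mywebsite.org"]
BOTH = ["mywebsite.org", "www.mywebsite.org"]

if __name__ == "__main__":
    for label, sans in [("only www", ONLY_WWW), ("only apex", ONLY_APEX),
                        ("wildcard", WILDCARD), ("both", BOTH)]:
        for host in ("mywebsite.org", "www.mywebsite.org"):
            print(f"{label:9} {host:18} covered={cert_covers(sans, host)}")
    print(https_redirect_outcome(ONLY_WWW, "mywebsite.org", "www.mywebsite.org"))
    print(https_redirect_outcome(BOTH, "mywebsite.org", "www.mywebsite.org"))
```

A wildcard DNS record makes every subdomain resolve, but it does not put any extra name on the certificate; each hostname that serves HTTPS, even one that only redirects, needs to be listed.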