I have a valid certificate for example.com. If users go to my site at http://example.com, they get redirected to https://example.com and all is good. If they go to https://example.com, all is good. If they even go to http://www.example.com, they get redirected to https://example.com and all is good.
However, if they go to https://www.example.com, Chrome triggers its SSL warning before I can redirect and tells the user to not trust this site. I don't have this problem in Safari or Firefox.
Here's my nginx configuration. What am I doing wrong?
```
# Configuration for redirecting non-ssl to ssl;
server {
listen *:80;
listen [::]:80;
server_name example.com;
return 301 https://example.com$request_uri;
}
# Configuration for redirecting www to non-www;
server {
server_name www.example.com;
ssl_certificate ssl/ssl_cert.crt;
ssl_certificate_key ssl/ssl_key.key;
listen *:80;
listen *:443 ssl spdy;
listen [::]:80 ipv6only=on;
listen [::]:443 ssl spdy ipv6only=on;
return 301 https://example.com$request_uri;
}
server {
listen *:443 ssl spdy;
listen [::]:443 ssl spdy;
ssl_certificate ssl/ssl_cert.crt;
ssl_certificate_key ssl/ssl_key.key;
server_name example.com;
}
```
EDIT: I see that this is a problematic configuration because the second block will look at the certs. What's the proper way to set this up with a cert that reads from "example.com" rather than "www.example.com"?
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
