How to use www and non-www domains with an SSL certificate
This article demonstrates how to configure your web site to use SSL even if visitors do not specify the www subdomain.
This article assumes that you already have a valid, functioning SSL certificate on your web site.
Table of Contents
Using www and non-www domains with an SSL certificate
Many third-party SSL certificates are only valid for one specific domain. For this reason, web site owners often set up an SSL certificate for the www subdomain (for example, www.example.com ). However, this means that visitors to the site may receive a security warning if they go to example.com without the www prefix.
Clearly, you want visitors
to be able to use an SSL connection whether they visit example.com or www.example.com. To enable this functionality, you can use Apache rewrite rules in a custom .htaccess file.
The following lines demonstrate how to redirect visitors who enter a domain name without the www prefix to a secure connection. With these settings enabled on your web site, visitors who go to example.com or www.example.com (where example.com represents your domain) both obtain an SSL connection:
What is SSL, and why would I use it? If you have never worked with SSL certificates before, we recommend you start here.
Learn what .htaccess files are, and how you can use them to customize the web server’s configuration for your web site.