Hi all!
I'm trying to figure out if I'm doing something wrong, or if this is normal behavior. I have site aaa.fi which redirects to https://www.bbb.fi , meaning from HTTP to HTTPS. Certificate is for site bbb.fi. This works fine.
However, if I type https://aaa.fi -> browser (chrome) tells me that connection is not secure and it doesn't redirect to site https://www.bbb.fi, which it should.
Hopefully I managed to explain this in an understandable manner. So could someone more experienced tell me if this is expected behavior or is my configuration wrong?
Here's sites conf file (obfuscated for security purposes):
server {
listen 80;
server_name bbb.fi;
access_log /PATH/aaa.fi.access.log combined;
return 301 https://www.aaa.fi$request_uri;
}
server {
listen 80;
server_name www.bbb.fi;
access_log /PATH/aaa.fi.access.log combined;
return 301 https://www.aaa.fi$request_uri;
}
server {
listen 443;
server_name bbb.fi www.bbb.fi;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 60m;
ssl_certificate /PATH;
ssl_certificate_key /PATH;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
ssl_dhparam /PATH;
add_header Strict-Transport-Security "max-age=31536000" always;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /PATH.crt;
resolver 213.140.164.26 212.149.120.42;
access_log /PATH/aaa.fi.access.log combined;
return 301 https://www.aaa.fi$request_uri;
}
I'm trying to figure out if I'm doing something wrong, or if this is normal behavior. I have site aaa.fi which redirects to https://www.bbb.fi , meaning from HTTP to HTTPS. Certificate is for site bbb.fi. This works fine.
However, if I type https://aaa.fi -> browser (chrome) tells me that connection is not secure and it doesn't redirect to site https://www.bbb.fi, which it should.
Hopefully I managed to explain this in an understandable manner. So could someone more experienced tell me if this is expected behavior or is my configuration wrong?
Here's sites conf file (obfuscated for security purposes):
server {
listen 80;
server_name bbb.fi;
access_log /PATH/aaa.fi.access.log combined;
return 301 https://www.aaa.fi$request_uri;
}
server {
listen 80;
server_name www.bbb.fi;
access_log /PATH/aaa.fi.access.log combined;
return 301 https://www.aaa.fi$request_uri;
}
server {
listen 443;
server_name bbb.fi www.bbb.fi;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 60m;
ssl_certificate /PATH;
ssl_certificate_key /PATH;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
ssl_dhparam /PATH;
add_header Strict-Transport-Security "max-age=31536000" always;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /PATH.crt;
resolver 213.140.164.26 212.149.120.42;
access_log /PATH/aaa.fi.access.log combined;
return 301 https://www.aaa.fi$request_uri;
}