Domain forwards to IP address without valid SSL

April 6, 2019 320 views
Apache DNS

Hi,

I have domain name example.com and I have properly setup DNS on my domain provider to point to DigitalOcean

Then I properly setup A and CNAME records on DigitalOcean for that domain. I setup A records to point to my IP address (droplet).

I have wordpress on this Ubuntu Droplet on latest version. I also properly changed my wordpress address and site address and replaced them from IP to my domain.

Then trough SSH I setup Lets Enctrypt SSL certificate for my domain example.com

All of that is double checked and properly setup.

However when I type in my domain example.com it redirects me to my IP e.g. 111.111.111.11 but with SSL certificate like this https://111.111.111.11 and here it asks me if I want to proceed to a website. If I accept, every next time I visit domain it shows domain without any problems, so it seems it redirects from IP without problems. On the other hand if I don’t accept to proceed from https://111.111.111.11 since its unsecure connection it wont redirect me to domain.

I also want to note that my domian have properly setup SSL certificate and it works without problems.

I cant get out of this problem no matter what I try.

Thanks for any help that you offer

1 Answer

Hello,

The SSL certificate for your domain will never work on https://111.111.111.111. This is because the SSL has bee issued for your exact domain name.

You would need to change the redirect from the server’s IP address to your domain name and how your Web Server handles connections.

If you are using NginX for your WebServer, you would need to configure your configuration file to the following :

ssl_certificate /crt/ssl.crt;
ssl_certificate_key /crt/ssl.key;
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name example.com www.example.com;
    return 301 https://$server_name$request_uri;
}

If you are using Apache as a Web Server, you can use an .htaccess redirect :

RewriteEngine On 
RewriteCond %{HTTPS} !on 
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$ 
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$ 
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Or

RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
Have another answer? Share your knowledge.