Redirect WWW to NON-WWW - Ghost 1 Click Install

November 12, 2017 2.2k views
Ghost Let's Encrypt DigitalOcean Ubuntu 16.04
chrisd130ea602c8904fcd90a5
By:
chrisd130ea602c8904fcd90a5

So have followed this guide:
https://www.digitalocean.com/community/tutorials/how-to-set-up-the-digitalocean-ghost-one-click-application-for-ubuntu-16-04

All works fine apart from when I try and visit the site with www in the URL.

All the browser says is “Safari cannot open the page because it could not establish a secure connection to the server”

What else do I need to do to redirect WWW to NON-WWW?

I have created an A Record for the WWW in the Domains section of the droplet.

I have also tried editing MYDOMAIN.co.uk-ssl.conf and MYDOMAIN.co.uk.conf adding the www url to the server_name entry and getting the same error.

Please help :(

Log In to Comment
2 Answers
lampreyOne November 13, 2017

It sounds like your certificate does not include the www version of the domain, so your browser is rejecting the connection before the server gets a chance to issue a redirect.

If you're using letsencrpyt, leave your non-www domain as server name, add the www domain under ServerAlias, then rerun letsencrypt and check off both domains, so it will create a certificate with both.

Reply
madebydouglas April 27, 2018

Hey I have the same issue. I am new to ubuntu, terminal etc. I'm sorry how do i edit the config file to add www that the ghost script created when it configured letsEncrypt? I dont see it in the directory, it says its in var folder, but i dont see that. Creating ssl config file at /var/www/ghost/system/files/ghost.digitalocean.love-ssl.conf

Reply
  • madebydouglas April 27, 2018

    I followed these instructions, and although its still not working, I think I am close

    "
    you need to add www version URL on ghost conf file

    Open sudo nano /var/www/ghost/system/files/example.com.conf (Open it via Terminal/putty or FTP)

    Find this line server_name example.com; Replace it with server_name example.com www.example.com;

    If you Install the SSL for your ghost blog you need update URL on SSL conf file too

    sudo nano /var/www/ghost/system/files/example.com-ssl.conf

    ghost Nginx conf File Location /var/www/ghost/system/files

    PS: Replace example.com with your Ghost blog URL

    After all set up restart ghost and Nginx

    ghost restart

    sudo service nginx restart

    That's all done :)
    "

  • madebydouglas April 27, 2018

    I found these instructions on Ghost documentation and it worked. Seems a bit more clunky with more files but it uses their script to easily configure the letsEncrypt for the new domain and then redirect it.

    https://docs.ghost.org/docs/cli-knowledge-base

    SSL for additional domains
    You may wish to have multiple domains that redirect to your blog, e.g. to have an extra TLD or to support www. domains. Ghost itself can only ever have one domain pointed at it. This is intentional for SEO purposes, however you can always redirect extra domains to your Ghost install using nginx.

    If you want to redirect an HTTPS domain, you must have a certificate for it. This is where letsencrypt comes in particularly handy, because who wants to pay for SSL for a redirect?!

    If you want to use Ghost-CLI to generate an extra SSL setup, you can do this using a little trick, first run ghost config to change the domain. This will not restart Ghost, so the change won't be reflected.

    ghost config url https://my-second-domain.com

    Next, get Ghost-CLI to generate an SSL setup for you:

    ghost setup nginx ssl

    You've now got two domains setup with SSL. Next, change your Ghost config back before you forget.

    ghost config url https://my-canonical-domain.com

    Finally, you'll need to edit the nginx config files for your second domain to redirect to your canonical domain. Edit both /system/files/my-second-domain.com.conf and /system/files/my-second-domain.com-ssl.conf, making two changes:

    remove the first location block (leave the .well-known location block - this is used for renewing certificates.

    for the redirect, you'll need to add the following as the last line of the final block:

    return 301 https://my-canonical-domain.com$request_uri;

    Once you have made those changes run sudo nginx -t to get nginx to verify your config, and sudo nginx -s reload to reload nginx and pick up your new configuration.

Have another answer? Share your knowledge.

Related Questions