Setting up SSL certificates with Let’s Encrypt via Certbot is typically a straightforward process. I’ve used it for hundreds of sites without any trouble. However, during the launch of a major client’s site, I encountered a frustrating issue that taught me an important lesson about SSL setup for both www and non-www domains.
The Problem
After setting up the SSL certificate late at night, everything seemed fine, and the site worked perfectly at https://domain.com. However, the next morning, the client reported an issue—when visiting https://www.domain.com, the site showed as insecure.
I checked it on my browser, and sure enough, the certificate was broken. After some investigation, I realized the issue: during the initial setup, I had only included domain.com in the SSL certificate and overlooked www.domain.com.
The Fix
Certbot makes it easy to extend an existing certificate to include additional domains. Here’s the command I used to fix the issue:
sudo certbot --expand -d domain.com,www.domain.com
This command updated the certificate to include both the non-www and www versions of the domain, resolving the issue immediately.
Key Takeaway
When setting up SSL for any domain, always include both the www and non-www variations unless you’re certain one of them won’t be used. This small oversight can cause major headaches, especially with larger clients.
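One way to catch this gap before a client does, as an added example that is not part of the original post: a small shell check that reads a certificate's subjectAltName text and reports which required hostnames it does not cover, including the case where a wildcard covers www but not the bare domain. The function name `missing_names` and the sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: list the hostnames a certificate fails to cover.
# Reads subjectAltName text on stdin, in the form printed by
#   openssl x509 -noout -ext subjectAltName
# and takes the required hostnames as arguments.
# Prints each uncovered name; exit status 0 = all covered, 1 = gap.
missing_names() (            # subshell body keeps variables local
    # One DNS entry per line, lower-cased (hostnames are case-insensitive).
    sans=$(tr ',' '\n' |
           sed -n 's/^[[:space:]]*DNS:\([^[:space:]]*\).*$/\1/p' |
           tr '[:upper:]' '[:lower:]')
    rc=0
    for name in "$@"; do
        want=$(printf '%s' "$name" | tr '[:upper:]' '[:lower:]')
        parent=${want#*.}    # name minus its leftmost label
        covered=no
        while IFS= read -r san; do
            case "$san" in
                "$want")     covered=yes ;;  # exact match
                "*.$parent") covered=yes ;;  # wildcard spans one label only
            esac
        done <<EOF
$sans
EOF
        [ "$covered" = yes ] || { printf '%s\n' "$name"; rc=1; }
    done
    exit "$rc"
)

# Constructed sample inputs (not captured from a real server).
SAN_BEFORE='X509v3 Subject Alternative Name: 
    DNS:domain.com'
SAN_AFTER='X509v3 Subject Alternative Name: 
    DNS:domain.com, DNS:www.domain.com'
SAN_WILDCARD='X509v3 Subject Alternative Name: 
    DNS:*.domain.com'

for sample in "$SAN_BEFORE" "$SAN_AFTER" "$SAN_WILDCARD"; do
    printf '%s\n' "$sample" | missing_names domain.com www.domain.com |
        sed 's/^/not covered: /'
done
```

To check what a server actually presents, pipe `openssl s_client -connect domain.com:443 -servername www.domain.com </dev/null 2>/dev/null | openssl x509 -noout -ext subjectAltName` into the function (the `-ext` option needs OpenSSL 1.1.1 or later).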
If you’re hosting your Mautic instance through Mailertizer, rest assured that we’ve got the SSL setup covered, ensuring your site is secure across all domain variations from day one.