Newbie question: How to route to subdomain to avoid "invalid certificate"

I’ve succeeded in getting an SSL certificate via Letsencrypt and Duckdns for Nginx, but I would like to know how to deal with the limitation that only certifies subdomains. So if I had a domain fred.duckdns.com, the all the subdomains of fred would be certified, but fred itself gives an “invalid certificate” error.

Is there a way of routing “fred” to “www.fred” so the invalid certificate error does not appear?

I’m sure it’s straightforward, but I am too inexperienced to deal with it!

Thanks in advance for any help you can give!

Yes, you can add a redirect from fred.duckdns.org to www.fred.duckdns.org

See here for an example: docker-swag/default at 016dc180075f8eb147b77e843e34e4fbb4976a1a · linuxserver/docker-swag · GitHub

Thanks, but I don’t think I made it clear how much of a newbie I am… :blush:

Could you point to the relevant line numbers please?

PS will this definitely prevent the invalid certificate?

It literally highlights the relevant lines

Maybe you need this: nginx redirect non-www to www - Google Zoeken

It looks like I cannot avoid an invalid certificate error if people choose to connect without a subdomain.

The article you referred to confirmed my fears:

First of all your need SSL certificate for both domains theos.in and www.theos.in. 
Another option is a SAN certificate or wildcard certificate that protect all first-level subdomains on an entire domain such as *.theos.in including www.theos.in, theos.in, forum.theos.in and more.

Sadly neither option is available with letsencrypt/duckdns

To redirect to www, the server would need to accept the connection at the domain[.ducknds.org] which does not have a certificate thus generating the error. I thought as much. How annoying!

What is misleading is that I see the following after the letsencrypt installation:

duckdns validation is selected
the resulting certificate will only cover the subdomains due to a limitation of duckdns, so it is advised to set the root location to use www.subdomain.duckdns.org

This led me to believe that a redirection would work. Oh Well!

Thanks for you help!

Then set the server_name to www.fred.duckdns.org here: docker-swag/default at 016dc180075f8eb147b77e843e34e4fbb4976a1a · linuxserver/docker-swag · GitHub

Ok, I think I’m going to have to look out some nginx tutorials. Thanks!