SSL certificate invalid for

When I type “” into my browser (Firefox 94.0.1) it tries to load “” first, which seems to be a common UX thing for browsers to do by default. In this case it produces a SSL error because the server responds on “” but presents a certificate that’s only valid for the bare domain “”. If I accept the certificate, it then redirects to “” as (I assume) intended. I think it’s a good idea to keep the redirect from to, but the server config needs to be tweaked to present a valid certificate for to make the redirect work.

1 Like

this is escpically fatal because before the move to NISO the server sends strict-transport-security: max-age=63072000 on the domain name which makes it impossible to connect once your browser has cached this (e.g. due to the header also sent before the change to NISO).