Skip to main content
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Go to solution

SSL non www and www

If I purchase a basic GoDaddy one website SSL domain ( ) does it include and - most competitors seem to include this now, so wanted to see if GoDaddy does, or do I need two certs or a multi domain cert for this?




In GoDaddy UCC SSL Certificates, for your primary domain, you get covered for both non-www and www domains with a single domain entry in certificate. I just verified that. However, if it is not your primary domain and just a SAN, you still need to spend two SANs to cover the main domain and the 'www' sub domain.


To be clear, your solution works if the user types the following two URLs:-

They both get redirected to: as expected.


However it does not work when the user types

User does not get redirected to Instead he gets a security warning because is not in the list of domains (SANs) covered by the certificate.


So in reality, yours is not a 'complete' solution either. To be 'complete', the user should be redirected to https 'non-www' URL when he types https 'www' URL (according to our expectation here). To make that happen, you still need to add both:-

to your list of domains in certificate consuming 2 SANs. Please correct me if I'm wrong. Otherwise, next time we buy SSL, we need to do more research and see if other providers do in fact cover both www and non-www within a single SAN of their UCC SSL Certificate.


And if they do, BAD GoDaddy!

View solution in original post

A couple of years has passed since I first posted on this thread and there is still no obvious answer.

All I can suggest is get rid of the SSL with GoDaddy and get a free version from Let’sEncrypt.

Here is a great video tutorial for setting this up on GoDaddy CPanel:

View solution in original post


Hey @easueue,


Welcome to the community! Smiley Happy


Never hurts to ask, but that's actually pretty standard with most SSL providers. So in short, yes our standard SSL will secure your requested domain and the 'www' sub. 


CG - GoDaddy | Community Moderator
24/7 support available at

Hi I setup an ssl certificate with you guys and I pointed it to  Its running on Azure and when people hit my site without the www they get an invalid certificate warning.  What do I put in the domain or host to protect to get both the root and www covered.  There is only one box for one entry am I supposed to use commas or semi-colons or is that not how it works.



I'm have the same issue that @easueue is having and I'm being told that I need to purchase a UCC certificate to cover and  If you could provide the steps or a link to correct the issue I think it would help.

Hey @Mikeha


As I previously mentioned in this discussion, a standard SSL will secure both the root domain requested and the 'www'. You shouldn't need to buy a UCC certificate unless your '' is going to be for two completely different domains. 


CG - GoDaddy | Community Moderator
24/7 support available at
Getting Started

So if this is the case and we don't have to use 2 of our SSL UCC's on one domain with the www and without the www then what is the solution to this issue? It seems that I'm not the only one with this issue. I have called technical support and they aren't a lot of help. They just point me to the GoDaddy article that tells me how to redirect HTTP to HTTPS. This isn't my issue and doesn't solve my issue.


My issue is when someone goes to they hit a secure site but when they go to or they get "The hostname in the website’s security certificate differs from the website you are trying to visit. " on IE and invalid cert on other browsers.


Do I just add "Subject Alternate Name" for both and and it will only use one of my Subject Alternate Name's? or do I add only to my Subject Alternate Name's and it covers both.


Please help... This is killing me.

Same issue here. Although, I haven't had the issue in the past. Just installed a new standard cert and www is not covered. 

I am using website builder 7 to create my site and have been told that an SSL cert can be installed, but I have the same question ... will it cover both www and non www?  On a previous site only one was covered by the cert.  I don't think there is a place to do redirects with website builder, at least that's what I've been told, so I definitely need to cover both types of the domain.

Hi stikker,


Were you able to resolve this issue? I have a similar issue, cannot figure out.




No luck, I had to waste a second SSL on the same site. Feeling like this shouldn't have to be the case. 

Same here. I bought 5 certs for 5 sites and it's only half covered--either www or non-www. I've been on the phone with technical support for days and they want to charge money to help.

Hi @insidenm, thanks for posting.

The WWW and non-WWW version of domains is only included on Standard Certificates. If you purchased a UCC SSL, then only the exact domains will be secured. A UCC is not 5 separate certificates. It is 1 certificate that can cover 5 common name. Since you choose what 5 domains or subdomains are included, the WWW version is not automatically included.


Gary - GoDaddy | Community Moderator
24/7 Support | Check System Status
Getting Started

Yeah! Nice to know after you purchase a year's worth. The people selling the products should be explaining this when making the sale. It should also be noted on the product information page. Not much you can do once the purchase is made. It's not like there is an option to upgrade to 15 or 20 common names as required. I don't even think the people selling the stuff know the difference. Technical support certainly doesn't. It took multiple calls to support that I was getting non-secure page warnings before I figured it out myself.


Just suggesting that you share this information in advance so you don't put your customers in a position where they can't do anything to fix it until it's time to upgrade.

@stkikkerso you ended up assigning 2 certificates per domain?

We just purchased 2 years worth of *Multiple 5 website* plan.

Our is now properly set with as we've setup for primary in our site setup.
Our  and are redirecting properly to 

however  still produces "Your connection is not secure" gray page in Safari & Firefox.  Chrome is the only place the latter redirects and works as we hoped.

A couple of years has passed since I first posted on this thread and there is still no obvious answer.

All I can suggest is get rid of the SSL with GoDaddy and get a free version from Let’sEncrypt.

Here is a great video tutorial for setting this up on GoDaddy CPanel:

View solution in original post

Did you try the proper HTACCESS code I pasted in another thread...? Here it is again, just in case you didn't see it:

Here is the PROPER code for my site. It is literally the entire HTACCES file required to redirect my SSL site to its secure/HTTPS address. It works for BOTH the "www" and "non-www" URL of my site:


RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} ^(www\.)?replace-with-your-URL\.com$ [NC]
RewriteRule ^$$1 [R,L]


On my sites, this sends both "www" and non-"www" versions of my URL to my secure site.

Go for lets encrypt, however it must be renewed every three months.


I am setting up lets encrypt SSL on my Windows Shared hosting with Plesk

I totally agree, all the salesmen need to be educated on how to sell SSL so we the customers arent left with a half ass install 

I am having your exact issue - www addresses NOT directing to HTTPS.


Has ANYONE figure out the proper code/rules for the htaccess file to fix this? I have been on the phone with GoDaddy for past several days. They broke five of my sites (which were down without my knowledge for days) when they installed my SSL incorrectly. Now, I'm not even getting secure protection on the site I BOUGHT it for - and all they do is send me a StackFlow article because none of their "support" staff can tell me the simple line of code to fix the www non-redirect issue.


Please. Anyone figured this out...? If not, I'm seriously just done. Cancelling SSL and going to a hosting company that gives a sh*t.


if I change my common n ame from www to * do I have to reinstall the certificate on the server or will it still work because the domain didn't change 


Good question!


I bought the UUC SSL up to 5 domains from GoDaddy and it seemed a bit overkill to use 2 "credits" on the 1 website.


I guess the wider question to the community is why do we not apply the certificate to one version, say Then set any user who accesses the on a 301 redirect to the non www version?