Issues with subdomain SSL & Redirects - already using wildcard cert and wildcard added to account

We have been running with a custom domain and SSL for weeks now, but it appears that some of our subdomain redirects have stopped working and we are now getting SSL errors for them as well.

Site: civicfs-prod

Example of how we are set up:

https://www.brianfung.civicfs.com loads and uses the correct SSL certificate, then redirects to https://www.civicfs.com/ae/brianfung. This no longer works correctly. An SSL error occurs because the netlify.app certificate is sent instead. The redirect never triggers. Whether or not these two things are related is unknown, but it seems likely that the web server rules are now ignoring the second part deep subdomains…?

I filed a support request about 5 hours ago, but no response yet. Any word on what may have caused this break recently?

Hi, @dcastro, I do see we responded on the support ticket. The issue in this case is the following limitation of our wildcard subdomain feature:

  • You can’t use domain aliases on the site with wildcard subdomains enabled, just the bare domain and subdomains under your primary domain. If you try to add a domain alias then it won’t work.

If the primary custom domain is www.example.com then any wildcard under the next level up works. So one level up from the lowest subdomain is *.example.com. The wildcard will not match for anything “lower”. It will not match a *.*.example.com subdomain.

For the brianfung example, this wildcard would work for brianfung.civicfs.com. It would not work for www.brianfung.civicfs.com because the www subdomain is two levels under the wildcard, not one.

I also updated the support ticket again just now with a possible workaround for the limitation and we’ll be happy to continue discussing the issue there (or here - wherever you prefer).
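
The single-label wildcard rule described in the reply above, as an added example that is not part of the original thread and not Netlify's code. It audits a list of hostnames against a set of patterns; the pattern set is an assumption and the last hostname is constructed.

```python
# Added example: models the one-level wildcard rule from the reply above.
# Not Netlify's implementation; the pattern set is an assumption.

def normalize(name: str) -> list[str]:
    """Lowercase, drop a trailing root dot, split into DNS labels."""
    return name.strip().lower().rstrip(".").split(".")

def wildcard_covers(pattern: str, hostname: str) -> bool:
    """True if `pattern` (exact name or '*.parent') covers `hostname`.

    The '*' stands for exactly one label, in the leftmost position only,
    so '*.example.com' covers 'a.example.com' but neither 'example.com'
    nor 'b.a.example.com'.
    """
    p, h = normalize(pattern), normalize(hostname)
    if len(p) != len(h) or "" in h:
        return False
    if p[0] == "*":
        return p[1:] == h[1:]
    return p == h

def audit(hostnames, patterns):
    """Map each hostname to the first covering pattern, or None if uncovered."""
    return {
        host: next((p for p in patterns if wildcard_covers(p, host)), None)
        for host in hostnames
    }

# Assumed pattern set: bare domain plus the one-level wildcard.
PATTERNS = ["civicfs.com", "*.civicfs.com"]
# The first three hostnames appear in the thread; the last is constructed.
HOSTS = [
    "www.civicfs.com",
    "brianfung.civicfs.com",
    "www.brianfung.civicfs.com",
    "WWW.Example.CivicFS.com.",
]

if __name__ == "__main__":
    for host, pattern in audit(HOSTS, PATTERNS).items():
        status = f"covered by {pattern}" if pattern else "NOT covered"
        print(f"{host:32} {status}")
```

Running the same audit over every hostname that has a redirect rule shows which names fall outside the wildcard before users hit a certificate mismatch.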