Redirect www subdomain to apex domain

Referencing this issue where yoannchaudet said to post over here, we are experiencing the issue described and need guidance on our GitHub pages config and DNS record config. Thanks!

The GitHub pages website is onnxruntime.github.io, with apex domain onnxruntime.ai and www subdomain.

If there is a doc describing this, happy to follow that.

Thank you!

Hello!

We document how to secure both an apex domain and the www variant here.

In your case you simply need to change your custom domain to onnxruntime.ai instead of www.onnxruntime.ai.

Let me know if that helps!

Thank you for the quick reply!

We are now getting a persistent TLS cert error. These are the DNS records. Any idea what is wrong here?

Thanks again!

I pulled logs for your specific certificate and can see that all requests to provision the certificate have failed consistently.

I think this is because your domain is pinning a single certificate authority:

GitHub Pages is using Let’s Encrypt so you will either need to remove the restriction you have in place (i.e. remove the CAA record) or add Let’s Encrypt to the list (i.e. add an extra CAA record with value 0 issue "letsencrypt.org"). We briefly describe this in our documentation and you can learn more about CAA on Let’s Encrypt’s website directly.

I’ll make a note for us to improve the detection.

Once your DNS is adjusted your certificate should provision just fine. It may take few hours though since the few background retries that are happening automatically now are counting toward Let’s Encrypt’s per-domain rate limits.

Awesome, thank you for that! I’ve applied to get that record removed. Hopefully will resolve things. Thanks again for the speedy response, and yes any extra diagnostics would be very helpful

1 Like

I can see the DNS change propagated and your certificate has been issued :tada:

1 Like