1

I have a question regarding the need for SSL certificates in the following situation:

  • I will have www.example.app which will be registered and hosted by supplier A. In the hosting, a SSL certificate is included for the .app domain. The website will not contain any customer-information, it will purely be for information about an app and links to Google Play, Apple App Store, maybe some social media platforms and maybe a review or two.
  • I will then have www.example.de and .fr, registered by supplier A, to redirect to www.example.app/de and /fr, etc.
  • I will then have www.example.es and .it registered by supplier B, to redirect to www.example.app/es and /it. This is because neither supplier A or supplier B has all the TLD:s i want, so I need to split.
  • The reason for .de, .fr, etc. is that I will have localized versions of the app, and I want the local domains to build credibility.

Now to my questions:

  • Is it enough to only have SSL on the .app domain? Can the .de, .fr etc. be without since they are just redirecting and no information is given? Will it still look good and secure in the consumer adress bar this way?
  • If I need SSL on all the other domains; would a multi-domain SSL work even if it involes different TLDs and registrars/suppliers for the domains?

Thank you in advance!

Andrew Schulman
  • 8,811
  • 21
  • 32
  • 47
zorigo
  • 11
  • 2

1 Answers1

0

If you want to have https://example.de to redirect to https://www.example.app/de, then you need to have TLS certificate for example.de and maybe www.example.de, depending on your exact requirements.

If you are fine with redirect from http://example.de to https://www.example.app/de, then you don't need a certificate.

If you host all the domains on the same server, the best way is to get certificates for all domains with Letsencrypt.

Tero Kilkanen
  • 36,796
  • 3
  • 41
  • 63
  • When I think about it, it's actually part of my question; from a customer credibility point of view, do i need to redirect from https or is it enough to just redirect http? Will it still look "safe" in their browser? It's the customer experience and me looking credible I'm interested in. I don't plan on having hosting for all extra domains since they won't contain any website of their own. From my understanding I can redirect via the name servers. But even if i need hosting for all the domains, they can't be on the same server since none of suppliers A or B have all TLDs I need. – zorigo Mar 03 '21 at 16:41
  • Name servers don't do HTTP redirection, they only provide DNS name resolution services. Some domain registrars do provide additional redirect services on their web servers. However, those redirect services only provide redirection on HTTP. Doing the redirect over HTTP only is less secure. A malicious actor can intercept the HTTP requests and forward people elsewhere. From normal visitor point of view, I don't think there is no difference. – Tero Kilkanen Mar 03 '21 at 19:10