Lets Encrypt Nginx - Your connection is not secure - for wrong subdomains

Question

I have encryption from lets encrypt which is working fine. My configuration of Nginx allows only SSL connections. www.example.com, example.com, blog.example.com - all are working fine.

The problems

is if a type www1.example.com or blog12.example.com- there is an error : Your connection is not secure

I've read that is related to wildcard certificates - but let's encrypt doesn't support yet.

Question

is it possible to change configuration to get server not found error instead of Your connection is not secure for those "mistyped" sub-domains?

Info

• lets encrypt call

  sudo letsencrypt certonly -a webroot --webroot-path=/var/www/html -d example.com -d www.example.com

• /etc/nginx/sites-available/example

  server {
      listen 80 default_server;
      listen [::]:80 default_server;
      server_name example.com www.example.com;
      return 301 https://$server_name$request_uri;
  }
  
  server {
  
      # SSL configuration
  
      listen 443 ssl http2 default_server;
      listen [::]:443 ssl http2 default_server;
      include snippets/ssl-example.com.conf;
      include snippets/ssl-params.conf;```
  
      . . .
  

Answer 1

This is a DNS problem.

Your problem is that DNS lookups for blog12.example.com (for example) are returning the IP of your web server, instead of returning a NXDOMAIN response. This is probably because you have a wildcard DNS record set up.

To rectify this situation, go to your DNS provider and:

1. Create an A record for each subdomain that you want to have working (e.g, www.example.com, blog.example.com, etc), with the same IP as the current wildcard record.

2. Delete the wildcard record.