Canonical Domain (www -> non-www with SSL)


I have a the following configuration which works great for the following domain: However I need to redirect eveything that comes as to with SSL support.

How can I configure the Endpoint to support this?


config :lxp, LxpWeb.Endpoint,
  debug_errors: true,
  http: [
    port: 80,
    protocol_options: [max_keepalive: 5_000_000]
  url: [host: api_url],
  force_ssl: [hsts: true, rewrite_on: [:x_forwarded_proto]],
  https: [
    port: 443,
    otp_app: :lxp,
    cipher_suite: :strong,
    protocol_options: [max_keepalive: 5_000_000],
    keyfile: "/etc/letsencrypt/live/" <> api_url <> "/privkey.pem",
    cacertfile: "/etc/letsencrypt/live/" <> api_url <> "/chain.pem",
    certfile: "/etc/letsencrypt/live/" <> api_url <> "/cert.pem",
    versions: [:"tlsv1.3", :"tlsv1.2"],
    honor_cipher_order: true,
    ciphers: [
    eccs: [:x25519, :secp256r1, :secp384r1],
    secure_renegotiate: true,
    reuse_sessions: true,
    transport_options: [socket_opts: [:inet6]]
  check_origin: true,
  cache_static_manifest: "priv/static/cache_manifest.json",
  secret_key_base: secret_key_base

This library does what you are asking for:

For example, if your CANONICAL_HOST is but your application is accessible via both and, all traffic coming through will be redirected (with a 301 HTTP status) to the matching URL.

thnx! @Exadra37

1 Like