I purchased a multi-domain SSL certificate which covers www.mydomain.com but not mydomain.com. Now what I try to browse to mydomain.com I get 403 Forbidden because the WAF says "hostname in HTTP request does not match the server name". Is there a way to get the WAF to do a permanent redirect to www.mydomain.com or do I need a different SSL certificate that covers both mydomain.com and www.mydomain.com?
You can't do url redirects unfortunately, I believe it's been requested as a feature but not sure if it's in the works.
Someone else may be able to advise on an alternative workaround.
I fortunately use a wildcard cert for my domain so in the WAF I just added www.domain.com and domain.com. Where as in TMG I can do deny and redirect which would be nice in the UTM.
I hope they add this feature in a future release. I have a workaround in place that half works. You get an SSL cert error if you try to browse to https://mydomain.com but if you just put in mydomain.com the WAF now lets it go through to my webserver which does a 301 redirect to https://www.mydomain.com.
That doesn't make much sense, and DNS should be allowing it to properly direct the domain, along with your IIS settings (if you are using that) having it added without the www, should be working.