After purchasing a wildcard SSL certificate I was hoping to be able to redirect all traffic from http://example.com to https://www.example.com. There were two main goals: to redirect all traffic to www.example.com and to require HTTPS. There is one flaw with this plan, as it requires two valid certificates to work 100% of the time. The one scenario where it will not work is if a user types https://example.com into a browser and you do not have a valid SSL certificate for example.com and instead only have a wildcard SSL certificate for *.example.com. The user will be prompted with an invalid certificate message when visiting the https://example.com domain.
The problem here is that the SSL handshake happens before you are able to complete a redirect on the request. The only way to resolve this issue is to purchase two certificates to handle *.example.com and example.com. If you don’t mind the possibility of users typing in https://example.com and getting an invalid certificate message, then purchasing only a wildcard certificate will cover you in 99% of situations.
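
The mismatch described above can be checked before deployment. The following is an added example, not code from the original post: it applies the wildcard matching rule browsers use (a `*` stands for exactly one left-most label) to a constructed list of hostnames. The function names and sample hostnames are assumptions made for illustration.

```python
def name_matches(cert_name: str, hostname: str) -> bool:
    """Compare one DNS name from a certificate with a requested hostname.

    A '*' is honoured only as the whole left-most label and stands for
    exactly one label, so '*.example.com' never matches 'example.com'.
    """
    c = cert_name.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(c) != len(h):
        return False  # the wildcard cannot cover zero labels or several
    if c[0] == "*":
        # Simplification: refuse '*.com'-style names, need a non-empty label.
        return len(c) > 2 and bool(h[0]) and c[1:] == h[1:]
    return c == h


def uncovered(cert_names, hostnames):
    """Return the hostnames that none of the certificate names cover.

    Each of these would produce a certificate warning during the TLS
    handshake, before the server gets the chance to send a redirect.
    """
    return [h for h in hostnames
            if not any(name_matches(n, h) for n in cert_names)]


# Constructed sample data (not taken from the original post).
SITE_HOSTS = ["example.com", "www.example.com",
              "shop.example.com", "a.b.example.com"]
WILDCARD_ONLY = ["*.example.com"]
WILDCARD_AND_APEX = ["*.example.com", "example.com"]

if __name__ == "__main__":
    print("wildcard only:", uncovered(WILDCARD_ONLY, SITE_HOSTS))
    print("wildcard + apex:", uncovered(WILDCARD_AND_APEX, SITE_HOSTS))
```

With only the wildcard name, the bare domain is reported as uncovered; the two-level name `a.b.example.com` is uncovered in both cases because the wildcard spans a single label.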