htaccess and https/non-www to https/www

Question

I know there are many posts on redirects, and I've read a lot of them now, but only a few that I've found seem to touch on what I need and often seem to contain conflicting information

I need to get:

http://example.com -> https://www.example.com
http://www.example.com -> https://www.example.com

and more importantly:

https://example.com -> https://www.example.com

I can find many solutions to the first two. Like this one:

#First rewrite any request to the wrong domain to use the correct one (here www.)
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

#Now, rewrite to HTTPS:
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

or this one:

RewriteEngine on

RewriteCond %{REQUEST_SCHEME} http [OR]
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^ https://www.example.com%{REQUEST_URI} [NE,L,R]

These rules look like what I should be after, but I've only got a certificate that covers https://www.example.com. Is the third redirect possible? (https://example.com to https://www.example.com). The answers in the question I linked seem to suggest it might be possible without another certificate, but there's disagreement.

I would have thought that there's no way around the problem, but I'm hoping there can be and would appreciate input.

*edit: if I don't get a certificate for https://example.com, it won't be classed as a duplicate by search engines will it?

Answer 1

To do a redirect between subdomains (* -> www), you need a certificate for each domain that runs https, or you need a wildcard certificate that handles them all.

The redirect is a completely separate issue.

Once you get a valid connection, you can redirect or not.

If the connection isn't valid (wrong/missing ssl cert), the redirect will never happen.