HTTP Redirect

HTTPS & TLS

HTTPS is handled automatically. When a domain that points to this service is accessed for the first time, a TLS certificate is obtained and renewed in the background — no configuration required.

Single-hostname certificates

By default, a certificate is issued for the exact hostname being redirected. A redirect on www.your-domain.com receives a certificate for www.your-domain.com.

No additional DNS configuration is required. Certificates are issued on first access and renewed automatically.

Certificate issuance is rate limited. If you are planning to redirect a large number of subdomains, consider configuring DNS delegation to obtain a wildcard certificate instead.

Wildcard certificates

If you are redirecting multiple subdomains of the same domain, you can configure DNS delegation to obtain a single wildcard certificate (e.g. *.your-domain.com) that covers all of them.

To enable wildcard certificates for a domain, add a CNAME record delegating the ACME challenge subdomain:

_acme-challenge.your-domain.com.  IN  CNAME  _acme-challenge.d.http-redirect.com.

Once this record is in place, the next time any subdomain of your-domain.com requests a certificate, a *.your-domain.com wildcard certificate will be issued instead of a hostname-specific certificate.

Example — redirecting multiple subdomains
# DNS records for your-domain.com
www.your-domain.com.               IN  CNAME  http-redirect.com.
blog.your-domain.com.              IN  CNAME  http-redirect.com.
shop.your-domain.com.              IN  CNAME  http-redirect.com.

# Wildcard certificate delegation
_acme-challenge.your-domain.com.   IN  CNAME  _acme-challenge.d.http-redirect.com.

# TXT redirect records
_redirect.www.your-domain.com.     IN  TXT    "https://new-domain.com"
_redirect.blog.your-domain.com.    IN  TXT    "https://blog.new-domain.com"
_redirect.shop.your-domain.com.    IN  TXT    "https://shop.new-domain.com"

The CNAME delegation only needs to be added once per domain, regardless of how many subdomains you redirect.

Security notice: Adding this CNAME delegation grants this service the ability to obtain TLS certificates for any subdomain of your domain via the DNS-01 challenge — not just the hostnames you point at this service. Only configure this delegation if you trust the service and intend to redirect subdomains through it.

Nested subdomains

Wildcard certificates cover one subdomain level. A certificate for *.your-domain.com covers www.your-domain.com but not api.v2.your-domain.com.

For deeper subdomains, add the CNAME delegation at the appropriate level: 

# Covers *.v2.your-domain.com (api.v2.your-domain.com, etc.)
_acme-challenge.v2.your-domain.com.  IN  CNAME  _acme-challenge.d.http-redirect.com.

Certificate reference

DomainDNS delegation configured?Certificate issued
www.your-domain.com No www.your-domain.com
www.your-domain.com Yes — at _acme-challenge.your-domain.com *.your-domain.com
api.v2.your-domain.com Yes — at _acme-challenge.v2.your-domain.com *.v2.your-domain.com
your-domain.com (apex) Any your-domain.com — apex domains always receive a single-hostname certificate