Netlify takes control over the root domain when using www?


When adding a subdomain as the domain name for a Netlify site, it does not add the root domain, the only domain in the list is the subdomain you added, the only difference is the subdomain “www”, this will also add the root domain, why?

My site is running on, the root domain is running on the backend server due to various ports using it. Hence, my users simply type in various apps, and the requested port gives them the correct content, this is not possible (I think) with Netlify.

Port 443 and 80 automatically redirects to www, handled by the backend.

The problem is that when you add to Netlify, it also adds, the SSL certificate refuses to propagate until both the domain and the subdomain is pointing towards Netlify, why is that? And is there any way around it?

So far I worked around it by merely pointing the root domain to Netlify, let it recognize it and have my SSL certificate issued, and then revert the root domain back. But I’m afraid this might be necessary every time Netlify tries to renew the certificate.

Any advice?

It would be preferable to use Netlify’s DNS servers directly. But that would require the option to redirect specific ports, like to a completely different IP.

Thank you,

@freddy, there is a setting internally we can set to override this. Which Netlify site do you only want to add the www subdomain to and what is the domain name being added?

Hi @luke,

Thank you for the response. It’s the domain, where I only want to be handled by Netlify, I want to deal with and handle the root domain myself :slight_smile:

Hi, @freddy, the SSL certificate has been updated to to only cover the domain.

Please note, this setting means we’ll ignore any other domain aliases which are added for the SSL certificate for this site - unless we perform a similar process to add them to the SSL certificate. In other words, if you want to make future changes or additions to the domains the SSL certificate includes, we’ll need to add/remove those here in Netlify technical support.

​Please let us know if there are any other questions or more we can do to assist.

@luke Hello! We’re running into the same issue with our site, we only want the SSL certificate to cover the site (from our domain). We want to handle the root domain by ourselves. We’re all ready to go live with our new site whenever we can fix this, would really appreciate any help.

We should also mention that that is a site already in production (hubspot was our earlier cms), so we can’t just leave it hanging pointing to netlify broken and without ssl

We worked through this in the helpdesk, but to clarify for future folks finding this:

  • our system will always automatically configure if you configure as the primary custom domain, and vice versa.
  • this will work fine with just one or the other hosted here - make that one the primary custom domain (rather than the one that redirects to the primary custom domain - this is labelled on the custom domain settings config card)
  • what might not automatically work is our SSL certificates, which you’ll have to ask for us to help with in a thread like this, and this will limit the functionality of that site (you will not be able to add additional hostnames to it without our help)
  • or you can do what Kennedy ended up doing and bringing a custom SSL certificate, which is not subject to our SSL provider’s requirements that all hostnames set on your site point to Netlify. Once you have that in place and DNS configured, you can ask our staff to update to a lets encrypt certificate without downtime to cover just the name or names you want.