TL;DR: Registrars can’t provision SSL certificates for forwarded domains — their infrastructure doesn’t support it. That’s why HTTPS breaks. The fix: Domain-Forward.com (free plan) auto-provisions Let’s Encrypt certificates for every domain. Working HTTPS redirects in 5 minutes.
You set up domain forwarding at your registrar. It works over HTTP. Then you try HTTPS — and your visitors see this:
“Your connection is not private”
They don’t get redirected. They hit the back button. Your redirect is useless for anyone whose browser defaults to HTTPS — which in 2026 is virtually everyone.
This is the single most common domain forwarding problem on the internet. It affects GoDaddy, Namecheap, Name.com, Hostinger, IONOS, and most other registrars. And it’s not a bug — it’s a fundamental architectural limitation.
Why Registrars Can’t Do HTTPS Forwarding
To understand the problem, you need to understand how SSL/TLS works:
The HTTPS handshake requires a certificate BEFORE the redirect
When a browser connects to https://yourdomain.com, the very first thing that happens — before any HTTP redirect — is the TLS handshake. During this handshake, the server must present a valid SSL certificate for yourdomain.com.
If there’s no certificate, the browser throws an error. The redirect never gets a chance to fire. The connection dies at the TLS layer before reaching the HTTP layer where redirects operate.
Registrars would need to provision millions of certificates
For a registrar to support HTTPS forwarding, they’d need to:
- Provision an SSL certificate for every single forwarded domain
- Store and serve those certificates on their forwarding servers
- Automatically renew them before they expire (every 90 days for Let’s Encrypt)
- Handle rate limits from certificate authorities
- Validate domain ownership for each certificate
This is significant infrastructure. For a feature that generates zero revenue (forwarding is usually free), most registrars simply don’t invest in it.
The result: HTTP-only forwarding
Registrars take the easy path: their forwarding servers accept HTTP connections and redirect them, but they have no SSL certificates installed for your domain. HTTPS connections fail at the TLS handshake stage and never reach the redirect logic.
How Modern Browsers Make This Worse
In 2026, this problem is worse than ever:
- Chrome auto-upgrades to HTTPS — if a site has ever been seen over HTTPS, Chrome will try HTTPS first
- HSTS preload lists — many TLDs are on browser preload lists that force HTTPS
- Safari prefers HTTPS by default
- Address bar behavior — typing “yourdomain.com” in the address bar often results in an HTTPS request
This means the majority of your visitors will hit the HTTPS version of your domain — where your registrar’s forwarding doesn’t work.
The SEO Damage
Beyond lost visitors, HTTPS failures hurt your search rankings:
- Google uses HTTPS as a ranking signal
- A broken HTTPS redirect creates a redirect chain with a failed first hop
- Search engines may index the insecure version, showing “Not Secure” in results
- Link equity from backlinks is not properly transferred through a broken HTTPS redirect
If you’re forwarding a domain for SEO reasons (preserving link juice after a rebrand), the HTTPS failure defeats the entire purpose.
The Fix: Domain-Forward.com Auto-Provisions SSL
Domain-Forward.com is built specifically to solve this problem. When you point your domain’s DNS to Domain Forward:
- DNS validation confirms you own the domain
- Let’s Encrypt certificate is automatically requested
- Certificate is provisioned and installed (usually within minutes of DNS propagation)
- Auto-renewal happens every 60-90 days — you never think about it
- Both HTTP and HTTPS work — visitors are redirected regardless of protocol
What you get:
- Automatic SSL certificates — no manual provisioning, no commands, no configuration
- HTTPS forwarding — visitors on HTTPS get redirected, not error pages
- 301 permanent redirects — proper SEO value transfer
- Analytics — see who’s clicking
- Both www and non-www handled with a single setup
- Free plan — 5 domains, no credit card, no time limit
How to Set It Up
Step 1: Remove existing registrar forwarding
If you have forwarding configured at your registrar, remove it. The old configuration creates DNS records that conflict with Domain Forward.
Step 2: Create your free account
Sign up at Domain-Forward.com.
Step 3: Add your redirect
- Source:
yourdomain.com(add both root andwww) - Destination: Any URL
- Type: 301 (permanent)
Step 4: Update DNS
| Record Type | Host | Value |
|---|---|---|
| A | @ (root) | 138.68.125.144 |
| CNAME | www | edge.domain-forward.com |
Step 5: Wait for propagation + SSL
DNS propagation takes 1-4 hours. Once Domain Forward sees the correct DNS records, it provisions your certificate automatically.
Step 6: Test with HTTPS
The critical test: visit https://yourdomain.com. You should be redirected to your destination with no warnings. Check with our redirect tester tool.
Which Registrars Have This Problem?
| Registrar | HTTPS Forwarding | Details |
|---|---|---|
| GoDaddy | No | Full guide |
| Namecheap | No | Full guide |
| Name.com | No | Full guide |
| Hostinger | No | Full guide |
| IONOS | No (uses 302) | Full guide |
| Bluehost | No | Full guide |
| Domain.com | No | Full guide |
| Porkbun | Inconsistent | Full guide |
| Squarespace | Partial | Full guide |
Stop Losing Visitors to Certificate Errors
Every visitor who hits https://yourdomain.com and sees “Not Secure” is a lost opportunity. In 2026, that’s most of your visitors. The redirect fires for HTTP traffic but fails for HTTPS — and HTTPS is the default.
The fix takes 5 minutes: create your free account, add your redirect, update two DNS records, and get automatic SSL. No certificate management, no renewal worries, no browser warnings. Your email stays working — only A and CNAME records change.