Google Chrome Infuriating Redirects

Written by James McDonald

October 25, 2019

Google Apps has the ability to define a custom hostname for it’s calendar, drive, mail, sites, groups services

How it works is you create a CNAME record in DNS that points from your custom domain to Google which then intelligently redirects you to the correct service

So for mail your could create a CNAME DNS record of pointing to

Then you create links to and when you click on them you end up being redirect to

The problem is Chrome is immediately taking the http domain automatically making that into and then breaking the whole redirect chain because there is no SSL cert over at

Safari works fine

Unfortunately this is something that the Chrome browser takes apon itself and you can’t necessarily just clear your cache and it will stop doing it

So a fix of sorts

Make a list of redirections you have configured for your Google App Services

With the initial configuration as per Google just use curl to figure this out

curl -I


Change your CNAME records pointed to to your web server

e.g. CNAME points to

Create redirects on your webserver. This is an example for nginx. Create this block with just port 80 and certbot will add the 443 config. When certbot ask if you want to redirect say no.

server {
    # redirect www to host
    listen 80;
    listen [::]:80;

    root /var/www/tgn-redirect;
    location /.well-known {
        allow all;
        default_type "text/plain";
        autoindex on;
    location / {
        return 301;
    listen [::]:443 ssl; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


After you have changed your DNS and configured your webserver. Use lets encrypt and get certs for your custom domains

certbot -d,,,,,

As mentioned above change your CNAMES from pointing to to point to your webserver

Once you have done that Google chrome will do as it does change to but then it will hit the valid SSL cert on your webserver and get redirected to the correct Google endpoint with out erroring out


Submit a Comment

Your email address will not be published.

You May Also Like…


Zebra Printer Language The above website has a page where you can enter ZPL and it...

PHP Iterators

Just came across a Youtube talk "Iterators in PHP" by Jake Smith published in 2014 that steps through the many...