website does not work without using www

(again, assuming Apache)

You might consider running two vhosts, one with the www prefix and one without.

Add a mod_rewrite rule in the non-WWW vhost to forward all traffic to HTTPS on the WWW vhost.

This would eliminate the need for a new certificate, since (so far as I know) Apache only supports one SSL certificate per server.

Using IIS, not appache.

Aha.  Well, I bet it can be done on IIS, too.  Just post a question and one of the IIS experts can no doubt say how to.

Yes, thanks.  We have to do an IIS redirect, but our config file is so large it's crashing IIS, so it will be done manually by the web developer.

Thanks for your input.

You have a wildcard certificate with many names on it and almost all of them use 'www' and don't list the domain names without it.  The certificate needs to be redone.  A redirect will not change the problem.  In fact... since the non-www version is not valid, you can't even make the connection to do the redirect.  It ain't gonna work.

Dave, but if I want to add the non-www names, godaddy said I have to buy another cert, as each entry takes a slot.
So there's no way to do a local redirect on IIS or in any config files?

The problem is not that you can't redirect, the problem is that HTTPS makes the secure connection before any of that can happen.  And if you can't connect, you can't redirect.

So you're saying my only option is to buy any cert?

To get your sites to work on HTTPS both with and without 'www', you must get a new cert with the alternate domain names for ALL of the sites because all of the other sites listed on that certificate with only 'www' are going to have exactly the same problem.

Thanks for the input