Add SSL certificate troubleshooting guide and enhance deployment configuration

- Create CERTIFICATE_FIX.md to address ERR_CERT_COMMON_NAME_INVALID issues with detailed solutions and verification steps.
- Update GitHub Actions workflow to ensure CNAME and .nojekyll files are copied to the dist directory for proper deployment.
- Add security headers in public/_headers for improved security practices.
- Introduce cert-check.html for SSL verification and redirection handling.
- Add security.txt for contact information and preferred languages.

Author: allansrc

.github/workflows/deploy.yml

@@ -46,6 +46,17 @@ jobs:
       - name: Copy 404.html for SPA routing
         run: cp dist/index.html dist/404.html
 
+      - name: Ensure CNAME is in dist
+        run: |
+          if [ -f public/CNAME ]; then
+            cp public/CNAME dist/CNAME
+            echo "CNAME copied to dist"
+          fi
+          if [ -f .nojekyll ]; then
+            cp .nojekyll dist/.nojekyll || true
+            echo ".nojekyll copied to dist"
+          fi
+
       - name: Setup Pages
         uses: actions/configure-pages@v4
 

CERTIFICATE_FIX.md

@@ -0,0 +1,99 @@
+# Fix para ERR_CERT_COMMON_NAME_INVALID
+
+## O Problema
+
+O erro `ERR_CERT_COMMON_NAME_INVALID` ocorre quando:
+- O certificado SSL não corresponde ao domínio acessado
+- Há um problema com www vs non-www
+- O CNAME não está configurado corretamente no GitHub
+
+## Soluções Aplicadas
+
+### 1. CNAME Configurado
+- ✅ Arquivo `CNAME` com `duckdevlabs.com` (sem www)
+- ✅ CNAME copiado automaticamente no build
+
+### 2. Workflow Atualizado
+- ✅ Garantindo que CNAME e .nojekyll sejam copiados para dist/
+
+## Verificações Necessárias no GitHub
+
+### 1. Verificar Configuração do Domínio
+1. Vá em **Settings → Pages**
+2. Em **Custom domain**, deve estar: `duckdevlabs.com` (sem www)
+3. O **SSL** deve estar **enabled**
+
+### 2. Verificar DNS
+Execute no terminal:
+```bash
+dig duckdevlabs.com +short
+# Deve retornar algo como: 185.199.108.153
+```
+
+### 3. Verificar Certificado SSL
+1. Acesse `https://duckdevlabs.com`
+2. Clique no **cadeado** na barra de endereços
+3. Veja os detalhes do certificado
+4. Deve mostrar: **Issued to: duckdevlabs.com**
+
+## Se o Problema Persistir
+
+### Opção 1: Limpar Cache do GitHub Pages
+1. Em Settings → Pages, remova o domínio customizado
+2. Salve
+3. Aguarde 5 minutos
+4. Adicione novamente: `duckdevlabs.com`
+5. Aguarde a propagação do DNS (pode levar até 24h)
+
+### Opção 2: Verificar DNS
+Certifique-se que o DNS aponta para:
+```
+Type: CNAME
+Name: duckdevlabs.com
+Value: duckdevlabs.github.io
+```
+
+OU se usar A records:
+```
+185.199.108.153
+185.199.109.153
+185.199.110.153
+185.199.111.153
+```
+
+### Opção 3: Forçar HTTPS no Navegador
+Adicione no console do navegador:
+```javascript
+// Redireciona www para non-www
+if (location.hostname === 'www.duckdevlabs.com') {
+  location.replace('https://duckdevlabs.com' + location.pathname);
+}
+```
+
+## Testar Localmente
+
+```bash
+# Build
+npm run build
+
+# Preview
+npm run preview
+
+# Acesse http://localhost:4173
+# Não deve ter erro de certificado localmente
+```
+
+## Logs Úteis
+
+No console do navegador, execute:
+```javascript
+// Ver URLs dos recursos carregados
+Array.from(document.querySelectorAll('link[rel="stylesheet"]')).forEach(link => {
+  console.log('CSS:', link.href);
+});
+
+// Verificar protocolo
+console.log('Protocol:', location.protocol);
+console.log('Hostname:', location.hostname);
+```
+

public/.well-known/security.txt

@@ -0,0 +1,4 @@
+Contact: mailto:hello@duckdevlabs.dev
+Expires: 2025-12-31T23:59:59.000Z
+Preferred-Languages: pt-BR, en
+

public/_headers

@@ -0,0 +1,7 @@
+/*
+  Strict-Transport-Security: max-age=31536000; includeSubDomains
+  X-Content-Type-Options: nosniff
+  X-Frame-Options: DENY
+  X-XSS-Protection: 1; mode=block
+  Referrer-Policy: strict-origin-when-cross-origin
+

public/cert-check.html

@@ -0,0 +1,20 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <meta charset="utf-8">
+  <title>SSL Check</title>
+</head>
+<body>
+  <h1>SSL Certificate Check</h1>
+  <p>If you see this, SSL is working but there might be a redirect issue.</p>
+  <script>
+    console.log('Current URL:', window.location.href);
+    console.log('Protocol:', window.location.protocol);
+    console.log('Hostname:', window.location.hostname);
+    if (window.location.hostname.includes('www.')) {
+      window.location.href = window.location.href.replace('www.', '');
+    }
+  </script>
+</body>
+</html>
+

vite.config.js

@@ -17,7 +17,7 @@ export default defineConfig({
       },
     },
   ],
-  base: '/',
+  base: process.env.NODE_ENV === 'production' ? '/' : '/',
   build: {
     assetsDir: 'assets',
     outDir: 'dist',