That's correct; such a request doesn't make sense. The alternate site needs its own SSL so inbound https requests can reach it and be redirected without receiving an error about the certificate not matching. They need to either purchase a cert for that domain, or add something like Cloudflare to it and let them do the redirect so their mail server's web ports don't even need to be open. That would be the preferable solution and would also be free as no need for a paid plan level and the SSL is included.

More info David. I looked at Plesk for this client. I'm not sure why, but the account has DNS records for the alternate domain as an alias for the real domain. I'm assuming it's because the DNS at the registrar (Network Solutions) is only pointing to the IP address for the real domain. Then the Miva DNS is locally pointing the alias to the real domain. Couldn't the DNS at NS point the web traffic directly to the real domain name instead of Miva DNS acting as a middleman?

Scott

That will work technically, but browsers won't behave in the intended manner because the browser will be attempting to access alternatedomain on the IP of primarydomain, find that the SSL certificate has a name which doesn't match, and error out instead of presenting the correct site or redirecting to the proper URL. The workaround is a multi-domain certificate, but that's an expensive solution to a small problem. Next option is add alternatedomain as its own site, with its own SSL, solely to accomplish the redirect, as that's cheaper using a regular SSL cert, but still has a cost. Then, some registrars often have SSL-enabled redirect support as an alternative option, which could be free,, or finally something like the free Cloudflare plan.