In many cases SSL certificates are issued for the "www." domain.
Then you'll want to have all links pointing to "www." domain otherwise you'll see Firefox's error message:

"Secure Connection Failed. The certificate is only valid for"

RewriteEngine on
#RewriteCond %{SERVER_PORT} ^80$
RewriteCond %{HTTP_HOST} ^$ [NC]
RewriteCond %{REQUEST_URI} !^/?\.well-known
RewriteRule .*{REQUEST_URI} [QSA,R=301,L]

The check for .well-known is done to ensure Let's encrypt is able to access the site via non-ssl if necessary.

Referral Note: When you purchase through an referral link (if any) on this page, we may earn a commission.
If you're feeling thankful, you can buy me a coffee or a beer