How to Use One SSL Certificate for a Multisite Network
Securing your site with an SSL certificate should be an important part of your security arsenal in order to help protect your data and users. Luckily, our Domain Mapping plugin has made it a snap to secure your entire Multisite Network with HTTPS.
With Domain Mapping, you can set custom domains for each site in your network along with services like:
- One certificate per network
- Force use of https
- End user domain mapping
- Global logins across all sites
- Check the health of domains
- Sell features as paid upgrades
- Offer features individually
- Resell domains to users
- Restrict login to mapped domain
- eNom and WHMCS integration
- Exclude pages from using https
- Pro Sites and MarketPress integration
This is all just the tip of the iceberg. There are a lot more juicy features included out-of-the-box. With Google’s announcement to boost search engine rankings for sites using SSL certificates, it’s even more important to protect your Multisite Network.
I’ll show you how to get started by setting up the Domain Mapping plugin to use one SSL certificate for your entire Network in this Weekend WordPress Project.
Choosing the Best SSL Certificate for Your Network
There are three main kinds of SSL certificates you can use and the right one for your network will depend on the type of setup you would like to achieve.
A Multi-Domain (UCC) SSL certificate will allow your users to choose their own domain to display.
It may be important for you to know that many Certificate Authorities have a limit to the number of certificates that can be issued for a single IP address so if you are running a large network of over 100 people, another solution may be necessary.
In such cases, adding another virtual host with SNI can help you to achieve this result.
A Standard SSL certificate can be used for Multisite installs with subdirectory paths such as https://www.your-site.com/site1/ and https://www.your-site.com/site2.
Standard certificates typically cost less, which is also a bonus.
On the other hand, if your Multisite is set up with subdomains, then a Wildcard SSL certificate will let your customers enjoy domains such as https://site1.your-site.com and https://site2.your-domain.com.
You can also choose an Extended Validation (EV) certificate which would work well for subdirectory installs, but with an added layer of security. It also includes visible validation for your users to see your site has gone through a more rigorous screening process to ensure your site is safe.
Once you have decided on the kind of SSL certificate you need for your Multisite, it’s time to purchase and set one up for your main network’s domain. If you would like more information on SSL certificates and how to use them in WordPress, check out our post How to Use SSL and HTTPS with WordPress.
Installing the Domain Mapping Plugin
Once your certificate has been successfully installed, you’re ready to setup the Domain Mapping plugin. For full details on how to get started, check out our comprehensive guides on our plugin’s page and our article The Ultimate WordPress Domain Mapping Plugin Just Got Better.
When Domain Mapping is all set up, you’re ready to configure your network’s SSL settings.
Activating SSL Across Your Network
Go to your network admin’s dashboard > Settings > Domain Mapping and scroll down to the section labeled Force http/https (Only for original domain). You’ll be asked if you would like to force https in login and admin pages. Selecting Yes will ensure you will be redirected to the secure version of your site every time you visit, even if you do not type in the “https” prefix.
1.6 million WordPress Superheroes read and trust our blog. Join them and get daily posts delivered to your inbox - free!
You will then be asked if you would like to force https or http for front end pages. For the highest level of security this option provides, choose Force https.
Now your main site will be protected with SSL encryption for each visit you make to your site, but what about your users’ sites?
Not a problem, the latest update has got you covered! Scroll down to the bottom of the page to the section Enable excluded/forced urls. This is where you can choose which features your users are able to set up.
Your users are referred to here as site admins. You can opt to let them choose pages to exclude from being mapped and if they would like to use your SSL certificate for their site as well.
There are also two plugins which integrate well with Domain Mapping and can help you earn extra income.
With these settings complete, your users can go to their admin dashboard > Tools > Domain Mapping and complete the steps to add their own domain and make use of your SSL certificate without installing their own.
You could optionally choose to disable your site admins from mapping their domain themselves and default them to your network’s path by installing and setting up Pro Sites. You can also limit many other features as needed with this plugin as well.
That’s it! You’re all set to use one SSL certificate for each site in your network. If you’re interested in having the feature of letting your users select between multiple domains they can use for their site upon sign up, check out out Multi-Domains plugin.
Expert support is also included with all the plugins I’ve mentioned here so if you find you run into troubles during setup, feel free to ask your questions in our 24/7 Support Forum.
If you’re interested in other ways you can power-up your site, check out some of our other articles: Adding Premium Upgrades to Your Multisite Network with Pro Sites, Give Your Customers Top-Notch Service with Support System and Using Appointments + to Setup and Streamline Client Consultations.
What are your plans for pairing Domain Mapping and SSL? Have you already included in your network? Even better! Share your experience and tips in the comments below.