Can I use SSL with a Multi Network Setup?

I have created a Multi-Network environment - note Multi-Network not Multisite - and I wondered if a single SSL certificate that is currently used on the original domain can be used across all the Networks. The SSL Certificate was issued through Let's Encrypt but I didn't set it up so I am not sure how it is configured at the moment.

Thanks for any help in advance,

Regards
Mark

  • Adam Czajczyk

    Hello Atkotech

    I hope you're well today and thank you for your question!

    The SSL is more of a "cert <-> domain" relationship rather than whether that's single, multi-site or multi-network WP install. I assume that by "single certificate" you mean a regular single-domain SSL certificiate, is that right?

    If so, that should work as long as your networks (multi-sites within multi-network) are installed under "sub-folder URL's" of main domain and they are "sub-folder setups" themselves.

    If they there are sub-domains involved, you'd need a wild-cart cert and if the multi-sites within multi-network are under their own domains - then you'd need either a multi-domain cert or separate certs for each of the domains.

    That's really not much different from any other case (e.g. from case of just a multi-site or multi-site with mapped domains) regardless of whether that's Multi-Network or not. The point is that the certificate(s) must cover domain(s) that are used :slight_smile:

    Best regards,
    Adam

  • Atkotech

    Thanks for your reply Fabio Fava

    Are you using individual domain names for each new site across your Networks? I don't plan on using new domain names for each site. At the moment they all are set up like xxx.mynetwork.com and will remain like that for the foreseeable future. Are you saying I need to add each sub-domain (xxx.mynetwork.com) on to the cert even though it is a sub-domain of the original domain as opposed to a new domain name? Shouldn't the cert already recognise the sub-domains as being the originating domain if it is set up as a wildcard?

    Thanks
    Mark

  • Fabio Fava

    Hey Atkotech

    At Cloudways, you can add up to 100 domains to a single Let's Encrypt SSL, their Platform UI allows that. But it's a bity tricky to have child-sites using sub-domains, and not only SSL-wide. As Adam Czajczyk said, you'll need a Wildcard SSL to cover your sub-domains child-sites (wich tends to be expensive).

    I assume that later this year Cloudways will implement the Wildcard Let's Encrypt, and this will allow your setup to work with sub-domains, just adding *.domain.tld on your Cert. But it's not working yet and they don't give us a timeframe for this to be implemented. Hope that's soon.

    Cheers.

  • Atkotech

    Okay I have some further news. Apparently everything checks out okay despite it not 'appearing' so in my browser. I have been given this link, I will post here in case anyone else needs to check validity of their own certificate now or in the future

    https://www.sslshopper.com/ssl-checker.html

    Everything checks out fine according to that link. It checks five key areas, mine passed four out of the five. The first is the IP the domain resolves to. The second is the server type. The third confirms the certificate should be trusted on all major browsers, the fourth details the expiry date of the certificate. The final point is where mine fails. It says;

    None of the common names in the certificate match the name that was entered (xxx.mydomain.net). You may receive an error when accessing this site in a web browser. Learn more about name mismatch errors.

    I assume this is where I need to make sure my sub-domain is listed in the cert, right?

    Thanks again, guys

    Mark

  • Atkotech

    Quick question on this matter. i am being told to create sub domains for each one that I want & then to request in my hosting a free certificate for each sub domain I need one for. If I physically create sub-domains won't that ruin my WordPress install? Also how could I do this on a Multi-Network platform as they can be much deeper than a simple sub domain. You can have something like xxx.mysubdomain.mymaindomain.com which you couldn't create in your DNS could you? Something I've never tried anyway.

    Mark

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.