How can I make https work with mapped domains?

I have an SSL cert that covers my main site and all my subdomains but it doesn't cover the mapped domains which is the source of all sorts of problems.

How can I make HTTPS work on mapped domains?

  • Andi

    Hi Glenton
    I hope you are fine!
    What kind of certificate are you using?
    What provider are you using?

    This would help to find out the source of your problem.

    Meanwhile many are using the SSL Certificates provided free by Let's Encrypt?
    https://letsencrypt.org/

    How to get Let's Encrypt working with wildcards - it is planned for January 2018!!!
    https://community.letsencrypt.org/t/support-for-sub-domains-and-wildcard-certificates/17067

    There are no limitations as to the "depth" of the domains included in your certificate - this should work. As long as you know the list of (sub)domains ahead of time, and you don't need too many different domains covered, Let's Encrypt would be fine for your use-case.

    But Wildcard Support won't work!

    https://www.theregister.co.uk/2017/07/06/free_wildcard_ssl_certs_lets_encrypt/

    Many Hosting Providers have a panel for their customers like PLex, cPanel or Virtualmin - which is free and Open Source and has Let's Encrypt support already integrated!

    So it would be important to know what you are actually using to help you much better!

    Also it is possible to use the Free SSL Certificates provided by Cloudflare and other Supercharging sites. The approach is different and sometimes even impossible to setup wildcards here, which would be necessary to get subdomains in WPMUDEV Multisites up and running. Only way would be to use subfolders instead.

    So please give some more input. Thanks!
    Andi

  • Nastia

    Hello Glenton

    Hope you are doing well!

    I've moved this thread from members' discussion forums to support forums. You will need to install a new SSL certificate for the mapped domains as well.

    If the SSL certificate is covering your main domain the subdomain it is a Wildcard SSL certificate. In order to cover the mapped domains too, the SSL certificate should be Multidomain. Multi-domain SSL certificates are usually pricey so you may follow Andi's suggestion and install a separate SSL for each mapped domain name with Lets Encrypt.

    If the SSL is installed on the Mapped Domain but the HTTPS is not forced, click on the Key icon next to a mapped domain to change HTTP to HTTPS

    Please let us know if you have any further questions!

    Kind regards,
    Nastia

  • Andi

    It depends on what SSL certificate you are using and what Panel you have.

    i.e. in Virtualmin - Let's Encrypt is already integrated so when a new domain or subdomain gets added it automatically gets added to the Let's Encrypt form which creates the certificate with a click of a button and you don't have to worry where they get placed as Virtualmin is doing all of this for you as soon as you have created and linked a new domain as alias Domain to the account.

    The point is actually that WordPress alone can't-do the job as it would need to write to the Apache or Nginx server. As soon as this happens it would be best if the same tool actually which makes the modifications to the server files will make the changes which are necessary for let's encrypt. and I am not sure if the API of CloudFlare could make those changes too on a CloudFlare account.

    As far as I know, the domain mapping plugin only maps the domains but does not create them.
    with Pro sites you could sell domains, so that plugin should actually be able to manage also let's encrypt and perhaps even the free CloudFlare SSL certificates for the users which create a new site with a new domain. But as far as I know, this is not possible until now. This said you will have to do the rest anyway outside of WordPress.

    I can really recommend using Virtualmin as it is very easy to setup and much more flexible then cPanel or even the crappy PLEX - it is free and simply works and integrates also with WHMCS already in its free version. It has Let's Encrypt support and actually what you would need!

    As long as pro sites are not providing that feature SSL Management, forget about an easy solution with some clicks, Better change to a host where you can set up those certificates easily or start managing the sites yourself. or ask a Prof helping you!

    If you know how to code and manage a server have a look to that here
    https://github.com/imbrish/letsencrypt

    But even here you would need to write all domains before in the config.yml.

    If you are using CPanel on your shared host try that here:
    https://github.com/mgufrone/cpanel-php

    But also here you need not only SSH access but also the right to actually install those kinds of scripts and having API access.

    If you have time wait until CloudFlare offers wildcard SSL certificates as this would be the easiest way if you run only subdomains. They are currently developing it but until now it has not been released.

    Kind regards
    Andi

  • Nastia

    Hello Glenton

    But how do I install a certificate for those mapped domains when they're technically not associated with the server?
    Like where would the .csr code be placed?

    You can host multiple SSL certificates on one IP Address using Server Name Indication (SNI).
    You will need to install the certificates manually on your server for each domain name, and define the location of the certificate in a vhost file.

    Otherwise, you will need to switch to a MultiDomain SSL certificate.

    Note: Many Certificate Authorities have a limit to the number of certificates that can be installed for a single IP address. So if you have a large network, for more than 100 domains you may consider adding another virtual host with SNI.

    Hope this will help!

    Kind regards,
    Nastia

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.