Implications of Domain Mapping with EV SSL

We have an EV SSL certificate on one site which currently links through to a number of other independent domains using separate instances of Wordpress but not using SSL.

I understand from your article on SSL Domain Mapping that if I set up the MultiSite using subfolders the EV SSL should work fine if I make the main site a MultiSite and map those other domains to it - is that correct?

The domains with and without SSL are all on the same VDS and therefore have the same IP address and nameservers.

I am trying to figure out the best order of work to avoid downtime as I will be messing around with live sites.

To complicate things still further, there is a live Magento shop (the main reason for the EV SSL) in a subfolder of the main domain with the EV SSL certificate that I need to maintain as live, and am concerned that this may be affected by the changeover to multisite. I guess there should be something added to the .htaccess but need to be sure. Is it possible to exclude the /shop folder?

Will setting up the EV SSL site as a Multisite compromise the rules governing the use of that type of certificate?

I also need to understand the SEO implications of doing this before we go ahead.

I feel I need a more comprehensive guide than the one on your How to Use SSL and HTTPS with WordPress page.

Sorry for the long ticket and multiple questions but this is a big investment for us and we don't want to risk breaking the existing sites or falling foul of PayPal and/or Trustwave rules in the process.

We tried doing this several years ago with no success so cancelled our WPMUDEV subscription, but have decided to give it one more go as things seem to have moved forward with the plugin.

Hoping you can help.

  • Tyler Postle

    Hey there Specialist,

    Hope you're having a great day so far.

    MultiSite using subfolders the EV SSL should work fine if I make the main site a MultiSite and map those other domains to it - is that correct?

    Is it a multi-domain EV SSL? If not, then it would work fine on the main site and any of it's subdirectories but not on the mapped domains. For the mapped domains to load over https you would need to get a multi-domain EV SSL and add each of the mapped domains to it, which can get a little pricey.

    Is it possible to exclude the /shop folder?

    So basically you won't want your .htaccess to affect your /shop/ directory at all? This here should help: http://stackoverflow.com/a/1848579

    The Domain Mapping settings won't affect your non-WP install at all. It's rules only affect the WP Multisite that it is installed in.

    Will setting up the EV SSL site as a Multisite compromise the rules governing the use of that type of certificate?

    Only in the way mentioned above, if you are planning to try and force https on mapped domains.

    If you have any further questions on this just let us know :slight_smile:

    Cheers,
    Tyler

  • Zyniker

    I would highly, highly recommend spinning up a development server and testing this on something that is not live before proceeding to work on live sites (if you can manage to use git push, all the better). At the absolute minimum, run a full server backup, take the server down for "maintenance", and then proceed with your edits.

    Like Tyler said, though, you shouldn't actually have any trouble accomplishing this as long as you make sure you have the right certificate(s) in place before you start modifying your configuration.

  • Specialist

    Many thanks Tyler, & Zyniker for the speedy replies.

    So Tyler, if I set it up on the (single EV SSL) I can map the domains to subfolders as long as I don't force https? But even so am I right in thinking that doing so will probably mean the green padlock will 'grey out' on the main and shop site though as not all content will be delivered using https? Multidomain EV SSL would be way too expensive. The single one was expensive enough!

    Zyniker, thanks for the warning. It's a VDS (Virtual Dedicated Server) controlled by the hosting company so I would only be able to test on a local server. Hence seeking advice before even starting.

    I think the best route would be to build the multi site as a new site on a virgin domain using a dedicated IP but not using SSL/https and leave the main site as it is, just linking beween them using the menu system. I can then test a sacrificial domain cloned from one of the live sites to see what cries when I try to map it to the multisite.

    The domains I want to map are content only with no ECommerce so won't need to use https. The only reason I wanted to use it on the main EV SSL domain was to protect the 'green padlock' from the 'mixed content' issue.

  • Nastia

    Hello Specialist

    I apologies for the delay here.

    So Tyler, if I set it up on the (single EV SSL) I can map the domains to subfolders as long as I don't force https?

    Yes, you can map domains to subfolders, but id EV SSL is single and installed only for the main domain, you cannot force https on mapped domains. You will have to install another SSL for the mapped domain name or use multidomain EV SSL.

    I hope this helps!

    Kind Regards,
    Nastia

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.