MarketPress, Multisite and SSL

The latest update is fantastic because now I can offer my subsite sellers access to different payment gateways instead of just PayPal chained payments.

Now that I can do this, I need to get a better understanding of SSL. I haven't used it before, but I understand what it is - how does it work with MarketPress?

I've opened up the following gateways to higher level Pro Sites members: Stripe,, MoneyBookers, PayPal Express, and PayPal Payflow. I know that some of these (at Stripe and Authorize) require SSL certificates.

If I install an SSL certificate on my server (I would just pay my hosting provider to set it up for me), how does it work for the subsites, and how does it work with Domain Mapping? What kind issues do I need to be prepared for and anticipate? Is there a tutorial available for using SSL on a multisite with the different gateway variations?


    Hiya Saunt Valerian,

    That is a good question. An SSL certificate is assigned per domain. If you wanted to map across subdomains you'd have to get a wildcard certificate which can be rather expensive.

    If you were providing domain mapping, it gets crazy complex. We have another thread on this that may be worth a read:

    The different gateway variations won't matter. A page is either secure or it isn't. I personally have only done this with single-sites where I enable payment pages to be secure using this plugin:

    It works really well, but again, I haven't tried this with any domain mapping.


    We've struggled with this as well. Since we don't want to assign an dedicated IP to each site, we're likely going to build a plugin that will enable users to "unmap" pages with a checkbox option on the edit page for pages that we want to be run using SSL that will enable them to go from to so that they can use the wildcard SSL for ..... for sensitive pages like carts and applications ...

    Saunt Valerian

    @tracy - keep us updated on this, since that is a very clean solution. Can't remember right now though If marketpress checkout pages are available in the backend. I think they are dynamically created, which causes a problem with using a checkbox in the backend.


    Greetings Tracy and Saunt Valerian,

    This is very easily accomplished without a plugin by simply using an Apache redirect from the hosting control panel to send even an unmapped domain to the sub domain containing the SSL certificate or a portion thereof as indicated below - no smoke and mirrors needed here.

    i.e. redirect -->

    Also a simple htaccess 301 redirect will do the same though I prefer the server side solution myself.

    I am closing this ticket considering the content of the ticket and workable options given therein to solve this.

    Cheers, Joe


    Sorry to reopen this can of worms but I am not quite understanding. I bought an SSL certificate from my hosting company. Of course now when I use multisite to create a subdomain (so I can use Pro Sites) a message pops up prompting people to not go to that subdomain address because it is not verified. I see the wildcard option from Verisign / Symantec is about $2000 per year which is outrageous.

    Isn't there a way to ONLY apply the SSL cert for registration, login and purchase pages so the remainder of the time there are no issues?

    Please advise!

    Timothy Bowers

    It's not really outrages considering the level of protection and the amount of sites it could potentially cover.

    If you want it to work on all sites, all sub domains then you'll need to get a wild card one.

    It won't work for mapped domains if you're thinking about that, they would need their own cert or an even more expensive server level one.

    You can get much cheaper wildcard SSL certs, for example £80 in the UK (Where I'm based):

    There should be US options out there too.

    As this is an old thread, to be sure we don't miss any responses please feel free to open a new thread for further discussion if you need.

    Take care and have a great day!