SSL Certs on WPX Hosting

Hi! Recently moved to WPX Hosting for a number of reasons including the unlimited SSL Certs offered. But, I've run into some sort of conflict between the Domain Mapping plugin and the way they set up the certs and its causing all sorts of problems. For instance:

Aithene.net is the primary. CathySavino.com is a sub site.

The primary site works fine with the cert in place. However, the sub-site, if preceded with an https throws up a 'not secure, proceed at your own risk' page. If it is typed in without the https, the site redirects to the primary site's home page.

Here's WPXHosting's official video on how to set this up:
https://vimeo.com/166359996

I set up the ssl to secure both the www and non-www names of each of the sites, but only the primary is working.

For instance, the first two sets of domains on the cert are:
aithene.net
http://www.aithene.net
cathysavino.com
http://www.cathysavino.com

When I did this, the SSL set up went perfectly. Currently, I also have the domains set up to run https://
https://www.dropbox.com/sh/ff7wnfy6zazrbxy/AADGLkwj0X1Jl6E81g5s4EaPa?dl=0

But something isn't quite jiving. Unfortunately, I have to step out in about 1/2 hour and will be gone for a couple of hours.

I've gone ahead and granted support access to my site if you'd like to take a look in the meantime. I'd appreciate it if someone can give my settings a look-see and determine if I've done anything wrong.

  • Adam Czajczyk

    Hello Christopher,

    I hope you're well today and thank you for your question!

    As I understand it, there are two issues here. One is "insecure" warning and the other one is a redirect of subsite over http to the main site over https.

    Let's then deal with the first one, first :slight_smile: The browser reports that the site https://cathysavino.com is using invalid certificate. It says that the certificate is valid only for aithene.net and http://www.aithene.net. That points me to the question: does this certificate indeed cover also "cathysavino.com"? I mean: is it a multi-domain certificate?

    Let me know please!
    Best regards,
    Adam

  • christopher_wilson

    Good question.

    So, WPX uses the Free Let's Encrypt SSL solution. We can start by backing up one extra step.
    As you can see from this screen shot, Cathysavino.com is an alias, pointed at Aithene.net. Before I installed the SSL, the Domain Mapping plugin successfully routed visitors to the correct location.
    https://www.dropbox.com/s/fq1mqipn7gq2c2c/Screen%20Shot%202017-04-23%20at%203.45.56%20PM.png?dl=0

    However, from the above image, you can also see that only the primary domain has the SSL dropdown associated with it.

    When I use that dropdown to create a cert, however, it does give me the option to add as many domains and/or subdomains as I need. In this case, in addition to the primary domain, I added two other domains that we can play with:
    https://www.dropbox.com/s/m90dwxn8f4hts2c/Screen%20Shot%202017-04-23%20at%204.01.54%20PM.png?dl=0

    CathySavino.com
    ChrisWilsonIllustration.com

    So, I submitted that, and got confirmation that the SSL was issued, which seems to be the case as the primary site is still secured.

    I left the other two aliases untouched as a 'control group' while we work on the other two.

  • christopher_wilson

    Good morning, folks,

    I'd like to start this with a bit of praise for my new managed WordPress host, WPX Hosting. Apparently while I was asleep last night, they had come across this thread and decided to look into it on their own. I woke up to the following email and with all of my sites once again operational. There are still a few hiccups out there that I need to work out (i.e., some elements of my sites are still not secure) but the certs are working and https seems to have fully kicked in.

    As WPX is one of the only managed WordPress providers out there that supports multisite, and based on what I've seen so far, their customer service is over-the-top great, I would suggest reaching out to see if there's any way for you folks to work together.

    ---
    Hi Christopher,

    We noticed that you were having some issues with the free SSL certificates that we provide from this thread that you opened on WPMUDev:

    https://premium.wpmudev.org/forums/topic/ssl-certs-on-wpx-hosting?utm_expid=3606929-101.TxEXoCfwS1KxJG1JVvj_5Q.0

    Our support team has quickly gone over the issue and fixed it.

    https://cathysavino.com/ - as you can see the website doesn't have a warning anymore.

    The reason that you had one in the first place is that your website is a multisite. What that means is that it's one Wordpress installation with multiple sites stored in it's database.

    If you follow the instructions on our website, the certificate is installed only for the domain that you click the SSL option next to. However in a case of a multisite with aliases, this doesn't work for those aliases.

    What we have done is to add a new set of certificates for your main domain that cover the aliases. Unfortunately this doesn't happen automatically and the aliases will say that the certificate for them is invalid.

    If you need any other sites to be added this way you can contact me back and I'll add them for you. For now I have added all of the aliases that you have with us.

    Unfortunately for now you need to add new ones manually, if you want to know how to do it, let me know and I'll make you a quick tutorial.

    I would advise you to not click the Redirect all Non-SSL Requests as it causes issues with multisites, our developers are working to fix this as we speak. In the meantime you can use the Really Simple SSL plugin, if you aren't already.

    Since we don't have an account with WPMUDev we can't explain the issue in the thread, so can you post an update about it?

    Warm regards,
    Mihail T.
    Technical Support Assistant Manager at WPX Hosting

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.