SSL on sub subdomain multisite setup

I have a WordPress multisite setup as subdomains of a subdomain, i. e., blog1.site.domain.tld. The main site is at site.domain.tld and my sysadmin has installed a wildcard SSL for *.site.domain.tld. All of the sites in the network are secure but the main site at site.domain.tld is not and gives a warning with this setup. This is problematic as users login on the main site to access their other sites and having a big old security warning is not cool. How can one go about securing the main site and the network sites? I have the same setup on my personal DreamHost VPS that I use for testing with the addition of Domain Mapping in the mix. I'm just now trying to play around with securing the DreamHost setup as a way to test the work related setup.

Not sure I can grant access to the site as my sysadmin has the login set to require people to have a campus IP.

Thanks.

  • Kasia Swiderska
    • Support nomad

    Hello wooster,

    It looks like your sysadmin only installed *.site.domain.tld but not site.domain.tld certificate. If you go to the main site you will see that message there is:

    site.domain.tld uses an invalid security certificate. The certificate is only valid for *.site.domain.tld.

    They need to install cert for the main domain also.

    kind regards,
    Kasia

  • wooster
    • Design Lord, Child of Thor

    Thanks. I thought the sysadmin told me that under a multisite it was not possible to have two different certificates pointing at the same WordPress installation. Is there some documentation someplace for Apache on associating two certificates with one multisite setup? Do they need to do a SAN (Multi-domain) SSL ceertificate?

    • Rupok
      • Support Ninja

      Hi wooster,

      I'm not very expert on server administration, but I've seen in cPanel that you can install multiple SSL Certificates under the same cPanel accounts. For example, you can install SSL Certificates individually for the main domain, for individual subdomains and also for individual addon domains. So it should be possible to install another SSL certificate for the "site.domain.tld" subdomain itself.

      I believe that will help. Please let us know if you still have any confusion. We will be very glad to help further.

      Have a nice day. Cheers!
      Rupok

  • John
    • Design Lord, Child of Thor

    I have a network of multisites (multi network) with different domains plus mapped domains in some of the multisites. They all use the same WP core files and I have numerous wildcard certificates as well as single domain SSL certificates installed. This all works without any warnings in any browser.

    I do suggest that you install the certificate first and then install WP at the https address. If you install the SSL certificates after the fact you need to dive into your database and edit the root address of your site from http to https. (this can be found in the wp_options table [where wp_ is the prefix of your db]) If you don't your site will insert the image links from your media library with http instead of https and you'll get warnings in your browser.

    Quite a numbers of webhosts offer free certificates from Let'sEncrypt and they are added though a simple menu in cPanel. Alternatively, if your web host doesn't offer Let'sEncrypt (like HostGator) you can manually install them by generating them at sslforfree.com. They both offer wildcard SSL for free. Of course this is only Domain validation, not level 2 or 3.

    As long as the server is setup to allow multiple SSL certificate per IP address it should work. Any good host should allow multiple Certificates per IP address since SSL is pretty much a requirement today.

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.