Wildcard SSL Information Needed

Hey guys,

So I'm building out a site currently in the mold of an Edublogs. User signs up, gets a free subdomain site. I'd like to protect these sites with HTTPS, however I'm getting a lot of conflicting information via my hosting provider on how this will work.

Full disclosure, I'm working with HostGator and found out after purchase that they don't offer any support for WordPress Multisites anymore, so any information I have gotten from them when needing help from their support staff has been spotty at best.

Anyhow, their explanation on how Wildcard SSL will work from them is that once you protect the wildcard domain you then get 5 subdomains free but after that, they'll charge $5/per subdomain after that for installation of the SSL's on that subdomain. Obviously on a site offering free signup for subdomained sites, this simply isn't a sustainable business plan for a startup.

I've read this article on SSL Certs and Multisites:

https://premium.wpmudev.org/blog/ssl-domain-mapping/

This doesn't seem to suggest anything of the kind would be happening like that. I had assumed that a wildcard SSL would act in the same manner as a wildcard domain, that it would basically be a catchall to cover everything that could be created.

Can anyone clear this up for me? If I buy a third party Wildcard SSL (buying through HostGator is MASSIVELY overpriced) and install it, will that cover any and all potential subdomains that could possibly get created?

Thanks

    • Mark

      Tyler Postle

      Thanks for the quick reply. Yeah, I'm not a full SSL expert by any means, but I've set up enough myself to know that it's not very difficult, even having to do every bit of it manually. When I talked to support about it, they gave a very vague answer about why they charge the $5 fee per subdomain and basically blamed it on Comodo. And again, given my experiences with them, to say their support for WP Multisites is lacking is a massive understatement. Also, having myself worked for big tech firms before, I'm well aware of these small "service" fees and how little work actually is required to perform the actions they're charging for.

      More so than that though, it just didn't make much sense to me why they'd have to "install" an SSL for every subdomain if it's a wildcard SSL for my *.mysite.com wildcard dns. Seems like the wildcard SSL would protect any potential subdomain name created just as the wildcard dns allows for the user to create any subdomain they wish.

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.