Wordpress Multisite is Forcing SSL on New Sites

I've created a Wordpress Multi-site installation, and want to allow users to create sites and sell products online. I had bluehost install a wildcard SSL certificate to the domain. Now, every new site is being registered at https://customersite.thefitbase.com. They can go to http://customersite.thefitbase.com and get directed to the https site. That's all fine until someone wants to map their domain to the site, and customersite.com goes to a blank bluehost page, and https://customersite.com gets a warning that the SSL cert is for *.thefitbase.com.

I'm trying to find the simplest solution for the largest number of customers, most of whom will be using MarketPress to sell their services. Does everyone need to be SSL right off the bat? Do I need to install new certs for each one even if they aren't doing ecommerce?

Thanks in advance!

Here is my current .htaccess

# Use PHP5.4 as default
AddHandler application/x-httpd-php54 .php

RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

RewriteCond %{HTTP_HOST} ^thefitbase.com$
RewriteRule ^(.*)$ https://www.thefitbase.com/$1 [R=301]

# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]

# add a trailing slash to /wp-admin
RewriteRule ^wp-admin$ wp-admin/ [R=301,L]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^(wp-(content|admin|includes).*) $1 [L]
RewriteRule ^(.*\.php)$ $1 [L]
RewriteRule . index.php [L]

# END WordPress