SSL for multisite not working


#1

SSL has a huge issue with multisite WordPress installations. Option to trust SSL for the website in local works, but only for the main site in the network has valid SSL, and other blogs in the network can’t use this SSL. How this can be fixed?

Milan


#2

Just installed Local and am experiencing a slightly similar issue, I’ve trusted the certificate but still am getting an insecure notice even on the main domain with WordPress Multisite.


#3

Hey @dev4press and @DustinSnider

Can you give a little more information about the setup of the various domains in the network?

For starters, is this a sub-domain install or a sub-directory install?

I’m assuming it’s probably a sub-domain install, but that there are different main domains being used. So for example, is the structure something like this:

mainsite.local (mainsite)
- subsite1.mainsite.local --(mapped)--> secondsite.local
- subsite2.mainsite.local --(mapped)--> thirdsite.local

The certificate that Local registers is a wildcard certificate for the main domain and all subdomains. You can verify that by examining the certificate in the browser:

If you do have a setup like the example above, with different main domains for the subsites, then there isn’t an easy way for Local to get that kind of certificate generated at this time.

I think you would have to manually generate a certificate to cover all of those local domains and register it with the computer.

Let me know a little more about what you are trying to do and if it is different than what I outlined above, I can possibly help point you in the right direction.

– Ben


#4

I am running it as a subdomain I haven’t even setup a subdomain site yet as I’ve never gotten SSL working.


#5

That’s interesting @DustinSnider

What domains are covered when you investigate the certificate using the browser?

  • Click the “Not Secure” text next to the domain
  • Select “Certificate”
  • Click the “Details” arrow to expand, and scroll down to “DNS Name”

I notice in the screenshot that the certificate is for multisite.local.crt but the site name is for PortalMultisite – Did you change the name of the site, or the url of the site after it was created?

– Ben


#6

In my case, SSL is issued for the main domain of the multisite, it is not wildcard SSL, it is for www.domain.local, and that is not working for second.domain.local.


#7

That’s interesting – so in Local, is the “Site Domain” set with the www prefix?

I tried setting up something that sounds similar, and it looks like it created a wildcard cert for *.www.domain.local:

I think that the only workaround to getting SSL working for all of the subsites in Multisite is to update the urls in the DB so that they are subdomains as opposed to different secondary domains.


#8

Yes, if the network is created to domain.tld, SSL is OK. If the network is created and main domain set to www.domain.tld, then the SSL is not valid. This should be obvious for Local to handle, but it doesn’t.


#9

I guess I’m not understanding fully – I was able to get a certificate to cover the www.domain.local site for the example site in the above screenshot.

You’re right that the certificate isn’t generated to handle *.domain.local when the network is created with www.domain.local – this isn’t a use case that Local has been developed for. Local is currently set up to create a certificate for the Site Domain set in local as well as a wildcard for any subdomain under that domain.

– Ben