Since the Google announcement that https and a valid SSL certificate will help towards your SERPS and website rankings, theres been a definitive shift towards ensuring all sites are https compliant. Having an SSL certificate when operating a Wordpress Multisite with mapped domains, until recently, has been impossible due to the constraints of how the certificates are installed, AND by the requirements of them.
Our whole platform is based on a WordPress Multisite and getting SSL certificates that could be used across the platform, and comply with the requirements, was something that posed a significant problem to us. From our research, it has been a huge problem for other site owners running the same type of system too and whilst there are many guides, none of them seem to fit the bill for what we required.
The problem with running a WordPress Multisite with mapped domains, is that you need a particular type of certificate, something with the ability of SAN or Subject Alternative Name. This is basically telling the world that your website runs under various different names (your mapped domains).
Any other type of SSL certificate simply won’t work with a WordPress Multisite with mapped domains because the certificate needs to be installed in the document root of the site, and since mapped domains don’t have one, you can’t use the certificate, and as such, can’t transfer to HTTPS for your sites.
Running WordPress Multisite with Mapped Domains
Delving into the reasons why is not something we’re going to cover in this guide. What were interested in is learning how to run a WordPress Multisite with mapped domains and adding a LetsEncrypt Free SSL Certificate.
In writing this guide, we’re going to make some assumptions both on your technical ability, and your server setup:
- You already have a WordPress Multisite Setup.
- This only works with Sub-Domain installs, Sub-directory multisite don’t need to follow this guide.
- You have root access to your server.
- You are running at least a VPS / Dedicated server.
- Our guide to running WordPress Multisite with mapped domains is based on running CPanel, Apache and the latest version of the LetsEncrypt installer.
- You have a dedicated IP address for the Multisite.
- You have technical knowledge and experience.
- You are using LetsEncypt to secure your Multisite.
1. Change Your NameServers Of The Domain To Be Mapped
Firstly log in to your registrar and change the name servers of the domain you are mapping to match the name servers of your server.
- In our case we have renamed our nameservers to suit our brand.
- Our registrar is different to our hosts.
2. Create an Add-on Domain
Login to you Cpanel account and find the section that allows you to create an add-on domain.
- Create your new domain
- Remember the name of the subdomain (you’ll need this later)
- Ensure that the ‘document root’ is set to public_html (the root of the main multisite domain)
- You don’t need to create FTP details or anything else so simply click add domain.
3. Create the Multisite Sub-Domain
Now proceed to your multisite installation and create the sub-domain account that you will be using to map your new domain to.
- Use the sub-domain you previously set for the Add-on domain.
4. Map Your Add-on Domain
Go to the domain mapping section of you Multisite and MAP your new domain.
- Ensure you check to confirm the DNS validation health status is showing as ‘VALID’
5. Check Your Newly Mapped Domain Is Working Correctly
View your add-on domain in a different browser to confirm that its working correctly.
- Some of our multisite options are preset meaning for example that the entered domain is used for the domain mapping etc.
6. SSH into the server to get the certificates.
Run the LetsEncrypt SSL certificate process paying particular attention to adding the ”–expand’ clause, together with adding each and every domain you want to add to the certificate.
- This will create a SAN SSL certificate and add every domain to the main certificate.
- You’ll need to add ALL domains you wish to secure at the same time as LetsEncrypt generates a new certificate each time.
Allow the process to completely run, ensuring that all the required certificates are shown.
(skipped step)
Once installed, LetsEncrypt will ask if you want to create a redirect to the HTTPS version of each domain, in this example we have clicked NO as it was already running HTTPS.
6. Restart the Apache Server
Restart your Apache web server either from the command line as shown, or by restarting it within your Cpanel account.
7. Convert the site to redirect to HTTPS
Go back to your multisite settings for domain mapping, and click the key to activate the HTTPS variant of the new site you have just added.
8. Visit Your Now Secured Site
In a different browser, go to your new website to find it is now secured by your SSL Certificate.
9. Confirm The Certificate Matches
Your SSL certificate will resolve to the main domain on your site.
Click the details section and scrolling down along there certificate will show that the SAN names relating to this certificate are attached, including your newly created mapped domain.
