wildcard ssl support for wordpress multisite ( create site or update site) about wordops HOT 8 CLOSED

for WPMU sites, it would be great if ssl can be installed or updated automatically

from wordops.

This is a welcome feature. Since we switched to 'ACME.sh' the feature is already in the base - just need to adopt it in WordOps.

For the WPMU sites, would you like to have a certificate on a per domain basis, or one certificate with each domain as a SAN (alternative name)?

from wordops.

i'm not sure ,because I don't know which is better.

I just use free ssl from let's encrypt so that chrome don't says it's 'not secure'

the certificate need to renew automatically.

from wordops.

Hi Jeroen,

First, I want to thank you for this great fork/work.

I think it is better to have single certificate for all multisite sub.domains. Or choice of both.
When using wildcard, I do not think that is possible to have certificated sub-domains on more than one server/IP.

See how is this plugin is WAS working:
https://wordpress.org/plugins/wp-encrypt/
https://github.com/felixarntz/wp-encrypt

Maybe this helps
https://community.easyengine.io/t/letsencrypt-on-multisite-setup/8123/8

from wordops.

One question: when using domain mapping (like main instance is domain1.com and second instance inside multisite network is domain2.com etc.), will this also work? How is wo with letsencrypt being used then?
Under ee I was setting up separate vhosts per domain and changed the domain2.com's root config to point to my multisite's main domain root. Had to set it back to the domain's own root before being able to update the letsencrypt cert.

from wordops.

Hello @s-a-s-k-i-a,
currently it will be pretty similar with WordOps excepted you will not have to update your vhost each time for letsencrypt renewal because it should work properly even with modified root directory. You can also use the DNS API validation to not have to care about acme challenge anymore.

from wordops.

HEj @VirtuBox
Thanks for your reply.
hm.. it seems to not work.. I migrated an ee server to wo where a multisite is set up.
Ran
wo site update domain.com --wpsubdomain --wprocket
then
wo site update domain.com --php73
then tried
wo site update domain.com --letsencrypt
it is giving me:
SSl is already configured for given site
Because I set up non le certs manually for this vhost. When I try and comment out the ssl config for that vhost and reload nginx, I am getting errors like what I described in my post in chat.wordops.com

Also I am seeing such response for a subdomain with another top-level domain under a separate vhost I am trying to set up letsencrypt with.
it is a bit complex I think:
root@myserver:~# wo site update srv.my-domain.de --letsencrypt
local variable 'iswildcard' referenced before assignment

from wordops.

Please open another issue with all informations you have and describe each usage case. I will investigate on this as soon as I'm back at work

from wordops.