400 Bad Request after installing LetsEncrypt SSL on WordPress Multisite installation


Hey there,

I am an old lover of Let’s Encrypt and have used it for dozens of projects. So, first of all, thank you for creating this.

Most of my WordPress installations are single site installation. Have successfully installed multisite as well but without Let’s encrypt SSL support.

This question is about the issues I am having with WordPress Multisite installation with Subdomain, domain mapping and Let’s Encrypt SSL installation capabilities on each subdomain and mapped domains.

Everything works perfectly. The only issue I am facing is - Whenever I type domain.com or http://domain.com or http://www.domain.com ( all without HTTPS) it shows:

‘400 Bad Request’ ( The plain HTTP request was sent to HTTPS port)

talled WordPress Multisite with subdomain with fast-CGI like this:

ee site create domain.com --wpsubdom --wpfc

After successful installation, installed domain mapping plugin ( from WPMUDEV), configure it by moving sunrise.php and setting up wp-config.php

In wp-config.php, I write:

define( ‘NOBLOGREDIRECT’, ‘http://www.presspeace.com’ );
define(‘SUNRISE’, ‘on’);

To point my server IP to my primary domain, Added this line to /etc/hosts ( it is needed for proper domain mapping)

43.228.XXX.6 domain.com www.domain.com

After this, I ran:

sudo nginx -s reload

but then I get this error:

unable to resolve host cloudrino

So, to resolve this error, I ran the following command to fix this:

hostname server.domain.com

Uncommented these two lines from etc/nginx/site-available/ as needed for domain mapping:

Uncomment the following line for domain mapping

listen 80 default_server;

server_name presspeace.com   *.presspeace.com;

# Uncomment the following line for domain mapping
server_name_in_redirect off;

Removed “default” configuration from /etc/nginx/sites-enabled


ee stack restart --all
ee clean --all to clear all types of caching.

As of now, everything was working perfectly well, I was able to create new subdomain sites and then map it to external primary domain. So, Now I can open :slight_smile:
domain.com ( primary site)

Now, I started configuring Let’s Encrypt Multiste installation.

Since, Let’s Encrypt officially doesn’t support SSL installtions for each subdmains or mapped domain on a multisite. So, the EasyEngine way of Let’s encrypt installation doesn’t work here.

So, based on tutorial written here: https://easyengine.io/tutorials/nginx/letsencrypt/ and http://community.rtcamp.com/t/create-ssl-with-multisite-domain-mapping/7935/9

I installed Let’s encrypt SSl like this:

Ran this command:

git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt

Now ran this:

./letsencrypt-auto certonly --webroot -w /var/www/domain.com/htdocs/ -d domain.com -d sub1.domain.com -d mappeddomain1.com -d mappeddomain2.com --email myemail@gmail.com --text --agree-tos

The work was not yet over.

Now, I needed to configure these certificates, based on tutorial: https://easyengine.io/tutorials/nginx/letsencrypt/

I noticed I don’t have any ssl.conf file at /var/www/domain.com/conf/nginx/ssl.conf ( Don’t know why? Do I manually need to create it or have I done any mistake above? )
So, created a new ssl.conf file and added this line here:

listen 443 ssl http2;
ssl on;
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;

I also wanted HTTP to HTTPS redirection , so created force-ssl.conf file at /etc/nginx/conf.d/force-ssl.conf
and add following Nginx config into it:

server {
listen 80;
server_name www.domain.com domain.com;
return 301 https://domain.com$request_uri;

and then at last, reloaded Nginx

nginx -t && service nginx reload

Now when I checked my sites, I noticed that the SSL certificates have been installed correctly on all mapped domain, subdomains and primary domain. So, I was able to open:

https://domain.com ( primary site)

But when I simply tried to write these domains/subdomains without HTTPS, it gave this error:

400 Bad Request

The plain HTTP request was sent to HTTPS port

So, the redirection was not working, I read a lot many articles, tutorials… modified ssl.conf and force-ssl.conf based on it. Tried everything, but still not able to avoid this error.


Here are my code details for various important file type:

This is /etc/nginx/sites-enabled/domain.com or /etc/nginx/sites-available/domain.com

server {

# Uncomment the following line for domain mapping
listen 80 default_server;

server_name presspeace.com   *.presspeace.com;

# Uncomment the following line for domain mapping
server_name_in_redirect off;

access_log /var/log/nginx/presspeace.com.access.log rt_cache; 
error_log /var/log/nginx/presspeace.com.error.log;

root /var/www/presspeace.com/htdocs;

index index.php index.html index.htm;

include common/wpfc.conf;      
include common/wpcommon.conf;
include common/locations.conf;
include /var/www/presspeace.com/conf/nginx/*.conf;
subs_filter http:// https://;


This is /var/www/presspeace.com/conf/nginx/ssl.conf

listen 443 ssl http2;
listen [::]:443 ipv6only=on ssl http2; #add ipv6 support
ssl on;
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;


server { listen 80; listen [::]:80; server_name domain.com *.domain.com; return 301 https://$server_name$request_uri; }


Thank you.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.