WordPress multisite (MU) Domain Mapping


I have a WordPress multi-site setup on my VPS that has Let’s encrypt on it. The main domain (https://zonk.be/) is working without a problem. I have a few sub domains that are mapped to different sites in the same WordPress (via the domain mapping plugin). I have made ServerAlias for all the subdomains (barrio.zonk.be psi36.zonk.be psylo.zonk.be) and ran ./letsencrypt-auto --apache after relaoding apache2, to make certificates for all. But since psi36.zonk.be for instance, resolves to zonk.be I get a Privacy error in Chrome:

This server could not prove that it is psi36.zonk.be; its security certificate is from www.zonk.be. This may be caused by a misconfiguration or an attacker intercepting your connection.

How could I resolve this?


The certificate you’ve made (and/or is served for psi36.zonk.be) is only valid for www.zonk.be and zonk.be.

You either:

  1. Add all the (sub)domains to the same certificate by adding all (sub)domains to the command to the Let’s Encrypt client with multiple -d switches, or;
  2. If you have multiple certificates for the different (sub)domains, you should have different <VirtualHost *:443> directives (all pointing to their respective certificate), so Apache can serve the right certificate for the right hostname. Assuming you’ve only got one IP(v4) address, this will be using the technique called Server Name Indication (SNI).