Wordpress multisite with CNAME


#1

I have a wordpress multisite which works with subdomains. For example main site is something like example.wordpress.com and subsite would be like: site1.example.wordpress.com. I have setup LE license on both. But I have a request that a domain like site1.com should have CNAME site1.example.wordpress.com. Will my existing certificate show in browser when someone checks site1.com or do I need to reissue certificate? Or edit apache?


#2

This depends on how you setup the config files aka vhosts.

If you put all domain in one vhost, you can only use one certificate which visitors will see only your certificate.(since one vhost can only use one certificate)

If you want to show the domains corresponding certificate aka one domain per certificate per vHost, you must setup other vhosts.

In short:
If you want to use one vHost for all domain, you will need to reissue one certificate when a new domain joined. (Which is a painful work)

My suggestion:
Setup one vhost for each domain and issue one certificate per vHost. (It will have the same effect on WP, you just have more flexibility on virtual hosts and certificates (the visitor will see the corresponding domain instead of your mian site).
(THIS REQUIRE SNI SUPPORT)

Thank you


#3

I can use --expand flag on certbot when a new sudbodmain is made i.e. it’s not that painful if I need to expand example.wordpress.com with site1.example.wordpress.com subdomain. But I think that issuing one cert for two different domains won’t work i.e.

sudo certbot certonly --authenticator webroot --installer apache -w /var/www/example -d example.wordpress.com -d site1.com --expand

The multiple vhost solutions seems to be the best then. But then I’ll have to serve site through reverse proxy, which means that I do not need CNAME.

Thanks @stevenzhu :blush:


#4

You can use one cert to include Alternate domains up to 200(I believe) Which can include wildcard domains and other domains (subdomain of existing domain as well as other domains, if you can verify the ownership)

Thank you


#5

Thank you! I didn’t know that.


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.