SSL for multisite not working

SSL has a huge issue with multisite WordPress installations. Option to trust SSL for the website in local works, but only for the main site in the network has valid SSL, and other blogs in the network can’t use this SSL. How this can be fixed?

Milan

1 Like

Just installed Local and am experiencing a slightly similar issue, I’ve trusted the certificate but still am getting an insecure notice even on the main domain with WordPress Multisite.

Hey @dev4press and @DustinSnider

Can you give a little more information about the setup of the various domains in the network?

For starters, is this a sub-domain install or a sub-directory install?

I’m assuming it’s probably a sub-domain install, but that there are different main domains being used. So for example, is the structure something like this:

mainsite.local (mainsite)
- subsite1.mainsite.local --(mapped)--> secondsite.local
- subsite2.mainsite.local --(mapped)--> thirdsite.local

The certificate that Local registers is a wildcard certificate for the main domain and all subdomains. You can verify that by examining the certificate in the browser:

If you do have a setup like the example above, with different main domains for the subsites, then there isn’t an easy way for Local to get that kind of certificate generated at this time.

I think you would have to manually generate a certificate to cover all of those local domains and register it with the computer.

Let me know a little more about what you are trying to do and if it is different than what I outlined above, I can possibly help point you in the right direction.

– Ben

I am running it as a subdomain I haven’t even setup a subdomain site yet as I’ve never gotten SSL working.

That’s interesting @DustinSnider

What domains are covered when you investigate the certificate using the browser?

  • Click the “Not Secure” text next to the domain
  • Select “Certificate”
  • Click the “Details” arrow to expand, and scroll down to “DNS Name”

I notice in the screenshot that the certificate is for multisite.local.crt but the site name is for PortalMultisite – Did you change the name of the site, or the url of the site after it was created?

– Ben

In my case, SSL is issued for the main domain of the multisite, it is not wildcard SSL, it is for www.domain.local, and that is not working for second.domain.local.

1 Like

That’s interesting – so in Local, is the “Site Domain” set with the www prefix?

I tried setting up something that sounds similar, and it looks like it created a wildcard cert for *.www.domain.local:

I think that the only workaround to getting SSL working for all of the subsites in Multisite is to update the urls in the DB so that they are subdomains as opposed to different secondary domains.

Yes, if the network is created to domain.tld, SSL is OK. If the network is created and main domain set to www.domain.tld, then the SSL is not valid. This should be obvious for Local to handle, but it doesn’t.

I guess I’m not understanding fully – I was able to get a certificate to cover the www.domain.local site for the example site in the above screenshot.

You’re right that the certificate isn’t generated to handle *.domain.local when the network is created with www.domain.local – this isn’t a use case that Local has been developed for. Local is currently set up to create a certificate for the Site Domain set in local as well as a wildcard for any subdomain under that domain.

– Ben

This is exactly what is happening for me. I created a multisite multisite.local, and the only domain name that has SSL support is multisite.local. I can’t access demo.multisite.local. I can’t even access www.multisite.local without an error:

The certificate is not a wildcard. This is on 5.2.2+2248.

The below image shows what I think is missing, comparing an old cert from 3.x and a new one from 5.x. In the old one, there is an actual wildcard DNS Name (eg: *.multisite.local) in the cert.

1 Like

I tried generating my own cert, but haven’t been able to get that to work at all yet.

/Users/[username]/Library/Application Support/Local/run/router/nginx/certs

I’m having the same issue too jake. It’s only issuing the SSL for the root domain, not a wildcard.
I’ve updated to version 5.2.4+2399 - but that didn’t fix it either.

1 Like

Having the same issue. There is no wildcard for certificate, it’s just the root domain twice, same as in jake’s last screenshot.
Running 5.2.4+2399, fresh install, fresh site.

1 Like

+1 Just run into this last night as well.

1 Like

Hi, @ben.turner

I’m on 5.2.8+2771 and I’m seeing the same thing.

1 Like

+1

Does someone know of a workaround at least? My multisite install in Local also did NOT create a wildcard SSL cert, so my subdomain sites don’t work properly.
In the old version of Local I was able to manually create an SSL cert and route, but with the new version anything you put in the ~/Application Support/Local/run/router/nginx/certs folder gets automatically removed.

1 Like

I have this problem - is there a fix please? Seems like lots of people in the same sitution

1 Like

As far as I can see @ben.turner is does not create for wildcard sub-domain

Still a problem. Sucks, but have to revert to other local server solutions. This is breaking too many things.