I’m running into an issue I haven’t had yet. We just migrated a client’s site over to our trellis instance, the site has 3 subdomains and another domain mapped to it as well (using this plugin). I’d like to add ssl to the main domain, subdomains, and the mapped domain. I haven’t seen much info on how to do this, except for this post by @Simeon who seemed to have a similar question. I’ve followed the same setup he outlined, but on provisioning only the main domain gets an ssl cert by letsencrypt.
Here’s the wordpress_sites config:
- canonical: example.com
- canonical: sub1.example.com
- canonical: sub2.example.com
- canonical: sub3.example.com
- canonical: example2.com
Our trellis version was last updated Nov 11, 2016, here’s the last commit.
Am I doing something wrong, or is this feature not available to trellis at that point in time? I know we’re pretty out of date, updating has been on my tasklist for months . I can provide more info if needed!
That looks correct. Our docs also have a mention of it: https://roots.io/trellis/docs/multisite/
I can’t guarantee that updating Trellis would fix it, but I’d suggest doing that anyway since there have been a few fixes related to LE and SSL.
Did you add those hosts after your first provision? Then re-provision? Or have you tried doing this on a new server on the first provision?
Ok wow, I must have missed that in the docs, even though I’ve read them a few times… Yeah these hosts were just added, we use one trellis instance for all of our sites. I’ve reprovisioned a few times with this config, still nothing different. Is there anywhere I could verify that the ssl certs definitely weren’t generated? /etc/nginx/ssl/letsencrypt doesn’t have certs for the subdomains. I also see no difference in the site .conf compared to another site, except for the multiple domains in the server_name var.
I’m hesitant to update, as I know there were a few breaking changes in between. Just that it will take me a while to get the code updated, new servers provisioned, and testing to make sure everything is ok. Is there a trellis way to manually generate the certs or should I just use the letsencrypt tool? I’d like to keep them auto renewed as well if possible.
Thanks for your help!
Btw I fixed it. For anyone wondering, these instructions did the trick. Probably not relevant anymore as my trellis instance is so out of date, but good info regardless.