Trellis Multisite SSL config


#1

I have a Trellis / Bedrock multisite installation. The 3 sites use Let's Encrypt on staging, but on production they all have their own SSL certificate. In the WordPress sites file for production there seems to be no way of adding a separate setting for each site. Any ideas how I get around this? Thanks


#2

I assume your multisite is using subdomains or domain mapping, because subdirectories shouldn’t need multiple certs.

I’ve had it on my radar to revamp things in Trellis so a site’s given site_hosts could each specify different ssl certs/keys, providers, etc., but there is no such built-in functionality at present. I believe you would need to get your certs on the server and perhaps try a child template modifying the https block, perhaps mapping each $http_host to its appropriate cert/key. There could be many approaches.

However, it sounds like you have it working with Let’s Encrypt on staging. Is there some reason you don’t want to use Let’s Encrypt on production?

wordpress_sites:
  example.com:
    site_hosts:
      - canonical: aaa.example.com
      - canonical: bbb.example.com
      - canonical: mapped-domain.com
    multisite:
      enabled: true
      subdomains: true
      cron: false
    ssl:
      enabled: true
      provider: letsencrypt

Something like the example above would probably work.
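
The per-host certificate mapping suggested in #2, sketched as a plain nginx fragment. This is an added example, not from the thread and not Trellis's own template; the file paths and the `$site_cert` variable name are constructed placeholders. It assumes nginx 1.15.9 or later, where `ssl_certificate` accepts variables, and it keys on `$ssl_server_name` (the SNI name) because the certificate is selected during the TLS handshake.

```nginx
# Goes in the http {} context. Maps the SNI name sent by the client to the
# base name of a cert/key pair. Paths and names are constructed placeholders.
map $ssl_server_name $site_cert {
    default            aaa.example.com;    # clients without SNI, or unknown names
    aaa.example.com    aaa.example.com;
    bbb.example.com    bbb.example.com;
    mapped-domain.com  mapped-domain.com;
}

server {
    listen 443 ssl;
    server_name aaa.example.com bbb.example.com mapped-domain.com;

    # With variables in these directives nginx loads the files on every
    # handshake, in the worker process. The worker user therefore needs read
    # access to the private keys: grant it to that user only, never
    # world-readable.
    ssl_certificate     /etc/nginx/ssl-placeholder/$site_cert.cert;
    ssl_certificate_key /etc/nginx/ssl-placeholder/$site_cert.key;
}
```

Check the result per host with `openssl s_client -connect <server>:443 -servername bbb.example.com` and confirm the subject of the returned certificate matches the name requested.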