Automatically aplly letsencrypt cert to new sudomain in multisite
To automatically apply a Let's Encrypt certificate to new subdomains in a multisite WordPress installation, you can use a combination of plugins and configuration files. Here's a step-by-step guide:
Prerequisites:
- You have a multisite WordPress installation with subdomains (e.g.,
example.com,sub1.example.com,sub2.example.com, etc.). - You have Let's Encrypt installed and configured on your server (e.g., using Certbot).
- You have the
wp-letsencryptplugin installed and activated on your multisite WordPress installation.
Step 1: Configure wp-letsencrypt
In your wp-config.php file, add the following code to enable Let's Encrypt for your multisite installation:
define('WP_LETSENCRYPT multisite', true);Step 2: Create a custom function to generate certificates for new subdomains
Create a new file in your wp-content/mu-plugins directory (e.g., letsencrypt-subdomain.php) and add the following code:
<?php
function letsencrypt_subdomain_certificates() {
// Get all subdomains
$subdomains = get_sites(array('network_id' => 1, 'blog_id' => 0));
// Loop through each subdomain
foreach ($subdomains as $subdomain) {
// Get the subdomain URL
$subdomain_url = network_site_url($subdomain->domain);
// Check if the subdomain has a certificate
$cert = get_option("letsencrypt_{$subdomain_url}_cert");
// If the subdomain doesn't have a certificate, generate one
if (!$cert) {
// Get the Let's Encrypt client
$client = new WP_LETSENCRYPT_Client();
// Generate the certificate
$cert = $client->getCertificate($subdomain_url);
// Save the certificate
update_option("letsencrypt_{$subdomain_url}_cert", $cert);
}
}
}
add_action('wpmu_activate_blog', 'letsencrypt_subdomain_certificates');This function loops through each subdomain, checks if it has a certificate, and generates one if it doesn't. The wpmu_activate_blog action hook is used to run this function when a new subdomain is created.
Step 3: Configure Certbot to use the custom function
In your certbot configuration file (usually certbot.conf or certbot.ini), add the following lines:
[letsencrypt]
certbot_command = /usr/bin/certbot
certbot_args = --agree-tos --email [email protected] --non-interactive --expand --domains -d example.com,sub1.example.com,sub2.example.comReplace example.com, sub1.example.com, and sub2.example.com with your actual subdomains.
Step 4: Run Certbot
Run the following command to generate certificates for all subdomains:
certbot certonly --webroot --webroot-path=/var/www/html --email [email protected] --agree-tos --non-interactive --expand --domains -d example.com,sub1.example.com,sub2.example.comThis command will generate certificates for all subdomains and save them in the wp-content/letsencrypt directory.
Step 5: Configure WordPress to use the certificates
In your wp-config.php file, add the following code to enable SSL for all subdomains:
define('FORCE_SSL_ADMIN', true);
define('FORCE_SSL_LOGIN', true);This will enable SSL for all subdomains and ensure that all requests are served over HTTPS.
That's it! With these steps, you should now have Let's Encrypt certificates automatically applied to new subdomains in your multisite WordPress installation.