Steps to get EE WP Multisite (Subdirectory) + Redis install, Domain Mapping and Let's Encrypt (Wildcard) working


So I am getting ready to do an EE install using

sudo ee site create --wpsubdomain --wpredis | # install WordPress (multisite) on

Question #1: does adding “–dm” to the WP Multisite install commands actually add Domain Mapping because I see some messages refer to that and some folks refer to a plugin post install… (if plugin this which one is it exactly?)

Once I am done installing the WP Multisite (and the proper way to install Domain Mapping) I want to add Let’s Encrypt (Wildcard) to my domain

Question #2: How do I add or get Let’s Encrypt to recognize, *, and pointing to a custom domain like

(Note: I’ve already - added the * entry to my Digital Ocean A Record added the www to my Digital Ocean CNAME record tried on my last install to mess with NGINX Server blocks but broke my website)



Currently there is no way to issue SSL certificates for all your subdomains with EasyEngine.

I have published the script I’m using to issue wildcard SSL certificates with Easyengine on Github, and it should work properly with wp multisite :


Hi @virtubox, I am following your comments and posts everywhere and I must thank you for being such a valuable member of this community along with @portofacil who also keep publishing insightful comments here.

Few things,

I have been trying to successfully install Let’s Encrypt SSL for all subdomains and mapped domains since long now ( thread - 400 Bad Request after installing LetsEncrypt SSL on WordPress Multisite installation and Non-www to www redirect on Multisite created using EasyEngine etc. ) But sometimes, when sub-domain was working, I was unable to make mapped domain work or if everything seem to be working, I started facing wring SSL or redirect or infinite loop issues etc. I couldn’t make it work perfectly so that I can start my WP-engine kind of business.

Here is what I want- Install Let’s Encrypt in such a way that,

  1. The primary domain can have SSL installed
  2. If a new user creates a new subdomain ( like ) the SSL can get installed and validated automatically on it ( new Let’s encrypt wildcard functionality can do this)
  3. If the new user further wants to map their own custom domain for the subdomain, the SSL can get installed/activated for new mapped domain as well ( like CNAME to ) automatically ( probably it needs SAN functionality)

Can I achieve these things using your Bash script mentioned above? or will it only work for subdomains, not mapped domains?

If not, what else should I do to get the mapped domain functionality?

Your tutorial also says that “Wildcard certs are only available with Cloudflare DNS API” do I need a paid plan of Cloudflare to get the DNS API or even free plan will work? Also, when Wildcard is now officially supported by Let’s Encrypt, why do we need Cloudflare’s help to make it work? Is it because of the limitations of EE V3?

Do I also need to use WP plugin like "WPEncrypt’ plugin to renew the let’s encrypt SSL or your bash script automatically takes care of auto-renew cron jobs?

Please help me understand this. Thank you so much.


I’m looking at it now. Thanks. Will follow up with questions once I get a grasp of the instructions.