I am following your comments and posts everywhere and I must thank you for being such a valuable member of this community along with @portofacil who also keep publishing insightful comments here.
I have been trying to successfully install Let’s Encrypt SSL for all subdomains and mapped domains since long now ( thread - 400 Bad Request after installing LetsEncrypt SSL on WordPress Multisite installation and Non-www to www redirect on Multisite created using EasyEngine etc. )
But sometimes, when sub-domain was working, I was unable to make mapped domain work or if everything seem to be working, I started facing wring SSL or redirect or infinite loop issues etc. I couldn’t make it work perfectly so that I can start my WP-engine kind of business.
Here is what I want- Install Let’s Encrypt in such a way that,
- The primary domain can have SSL installed
- If a new user creates a new subdomain ( like vitrubox.wordpress.com ) the SSL can get installed and validated automatically on it ( new Let’s encrypt wildcard functionality can do this)
- If the new user further wants to map their own custom domain for the subdomain, the SSL can get installed/activated for new mapped domain as well ( like vitrubox.wordpress.com CNAME to vbox.com ) automatically ( probably it needs SAN functionality)
Can I achieve these things using your Bash script mentioned above? or will it only work for subdomains, not mapped domains?
If not, what else should I do to get the mapped domain functionality?
Your tutorial also says that “Wildcard certs are only available with Cloudflare DNS API” do I need a paid plan of Cloudflare to get the DNS API or even free plan will work? Also, when Wildcard is now officially supported by Let’s Encrypt, why do we need Cloudflare’s help to make it work? Is it because of the limitations of EE V3?
Do I also need to use WP plugin like "WPEncrypt’ plugin to renew the let’s encrypt SSL or your bash script automatically takes care of auto-renew cron jobs?
Please help me understand this. Thank you so much.