See a walkthrough of our delightfully-designed WordPress platform!

Watch the video

Choosing the right kind of SSL certificate for your Multisite

A common challenge faced when working with a multisite is determining what kind of SSL certificate to purchase. While Flywheel’s Simple SSL feature is great for single sites, it isn’t compatible with the multisite add-on, so you’ll want to obtain a certificate from a 3rd party vendor. This guide should help you find the right type of SSL certificate for your special site!

There are three configurations of multisite, each with their own considerations when it comes to choosing an SSL certificate.


Site Type URL Scheme Certificate
Domain Mapping


Technically, domain mapped subsites are either subdirectory or subdomain multisites where you specially configure each subsite to have a unique domain. It’s possible to have some subsites be domain mapped while not all of them are, resulting in a mix of subdomain and mapped domain sites, or a mix of subdirectory and mapped domain sites.

Standard certificate for a Subdirectory style multisite

Subdirectory multisites are the easiest to secure with an SSL certificate. Because each subsite is still under the parent site’s domain, subdirectory style multisites can be secured with a standard SSL that covers the primary domain. Currently, Flywheel’s Simple SSL isn’t compatible with multisite networks, despite the subdirectory style requiring only a standard certificate type. We hope to offer coverage for multisite networks with Simple SSL in the future!

Wildcard certificate for a Subdomain style multisite

Each subdomain in this kind of multisite falls under a single parent domain. That makes the best option for subdomain multisites a wildcard SSL certificate. A wildcard, denoted with an asterisk (*), covers a single unique domain and all possible subdomains underneath it.

If your primary domain is “”, a wildcard would look like “*” The wildcard would protect and all subdomains of For example, it would secure “”, “”, “”, “”, “”, and yes, even “”!

One thing to keep in mind is that wildcards do not protect second-level subdomains. So “*” would not protect “” or “” even though it protects “” and “”.


If you have very few subdomains in your multisite, you may find it less expensive to use a multi-domain SSL certificate instead of the wildcard type. A multi-domain certificate can be referred to as a Subject Alternate Name (SAN) certificate or a Unified Communications Certificate (UCC). These types of certificates explicitly list all of the domains that they will protect, including subdomains.

Multi-Domain certificate for a multisite with unique Domain Mapped subsites

When a multisite is domain mapping subsites to unique domains, the only option for full SSL coverage is a multi-domain SSL certificate, commonly referred to as UCC or SAN certificates.

A multi-domain certificate allows you to explicitly list out all of the domains that the SSL certificate will protect. The domains that you list can include unique domains independent of each other, subdomains of a parent domain, and wildcard domain entries that can cover all possible subdomains of a single unique parent domain.

Note that you often have to explicitly list both the www and non-www versions of your domains for most SSL certificate providers. Depending on your SSL certificate provider, a single SSL certificate may have a hard limit to the number of domains it can secure. It is most commonly limited to either 100 or 250 maximum domains.

Multi-domain SSL certificates tend to be the most expensive, especially if you are purchasing one that contains wildcards in it.

SSL Certificates for multisite can be confusing, even for seasoned developers. If you have further questions about protecting your multisite install on Flywheel, contact the WordPress experts at Flywheel support and we’d be happy to help get you up and running!

Was this article helpful?

  • Billing & Accounts

    Questions relating to payments, billing and managing your account on Flywheel.

    14 Articles
  • Blueprints

    Learn everything there is to know about what Blueprints are, how to create them and how to make the best use of them.

    5 Articles
  • Database

    How to access your WordPress database to make changes and update content.

    3 Articles
  • Domain Names

    Details about how to manage DNS and point your domain names at Flywheel.

    16 Articles
  • Frequently Asked

    The most commonly asked questions, and a few we just think you should know.

    26 Articles
  • General Questions

    Questions that don't fit elsewhere, or those about Flywheel in general.

    59 Articles
  • Getting started

    Everything you need to know to get your first Flywheel site up and running.

    17 Articles
  • Local

    Everything you need to know about our amazing, free local WordPress development software for Mac and PC.

    20 Articles
  • Organizations

    Everything you need to know about managing your team with our Organizations feature.

    8 Articles
  • Plugins

    Which plugins work best, which plugins work worst, and everything in between.

    8 Articles
  • Security

    Details about everything Flywheel does to makes your site so secure.

    16 Articles
  • SFTP

    Information on setting up and troubleshooting with SFTP connections and file transfers.

    5 Articles
  • Simple SSL

    All there is to know about our free, automatically installed and activated SSL certificates.

    8 Articles
  • Staging

    How to get the most out of Staging, which allows you to duplicate a site, make changes, and then push those changes to the live site.

    6 Articles
  • White Label

    Everything you need to know about our Whitelabel subscriptions for branding and reselling Flywheel.

    3 Articles

Flywheel help

Help is just a click away! Log into the Flywheel dashboard to instantly chat with an expert, open a ticket, or follow along with in-depth documentation. We happily offer support 24 hours a day, 7 days a week, 365 days a year!

Log in

Try it yourself. It's free & takes less than 60 seconds. Sign up