I have a multisite setup using Domain Access - I have my main site www.example.com and a subdomain sub.example.com. My SSL certificate is on https://example.com. I want my subdomain to use this for its secure pages as well. The sites share a cart and users (and a shared cookie_domain).

I have this working with my main domain if I set the secure and non-secure domains appropriately. The problem is with my subdomain. Because there aren't domain-specific admin settings for this module, it doesn't matter which site I access it from - if I change it for one it changes for the other. I want my main domain to use http://www.example.com and my subdomain to use http://sub.example.com as the non-secure pages.

At the moment my subdomain is trying to go to https://sub.example.com for secure pages and of course is displaying a warning. Then if I go back to a non-secure admin page it takes me to the admin pages for my main site.

I have tried setting my non-secure domain as http://*.example.com, but it uses the domain literally so you can't use wildcards.

I know this module is supposed to be a simpler solution - do I need to be looking at Secure Pages instead? I know it's possible to do this, I'm just not sure where I should be looking next.

Comments

crystaldawn’s picture

This module is not designed to work within a multi-site setup. It can only handle 1 ssl domain and 1 non-ssl domain currently. In your setup you require 2 of each. This would likely be a case where you may need to attempt to setup secure pages instead. The other option would be to create your own custom module based on this module and simply add the extra required fields for the extra domain names. This shouldnt be a very hard task to do at all and you would end up with a light weight solution. The issue for you would be that your module is now custom and thus any updates I do, you would need to make by hand.

Kalorlo’s picture

Thanks for the reply! I'll look into the other options.

Kalorlo’s picture

By the way, I found that if you switch on the Domain Settings module, it does let you set different secure and non-secure options per domain. I discovered that after setting up Secure Pages, but it applies to this module too. I still need a bunch of further work to keep track of which domain the user logged in on, but it's a start.

crystaldawn’s picture

Status: Active » Closed (works as designed)