SPDY certificates and Wordpress multisite

Hello. I manage a small blog network (17) that has a lot of traffic
visits/month). I use Wordpress Multisite to manage it, each blog has its
domain name, and all are served from the same WP install.

I’m thinking about implementing SPDY to speed up the sites, I know I
SSL certificates for this to work.

  1. Will I need a certificate for each website? Or just one certificate
    the main site to encrypt the connection and that’s it?

  2. I have a single server directive holding most of the configuration
    with ‘default_server’, and then some individual settings for each site,
    mostly www-to-no-www redirects and legacy url rewrites. If I need a
    certificate for each website, do I need to replicate all the wordpress
    config for each domain, having a complete server directive with all WP +
    stuff in it for each domain? Does this impact nginx’s performance in any

This one’s just lazy: is the RPM package hosted in the nginx repo (for
in Fedora/CentOS, etc) compiled with SPDY on or I’ll need to compile my

Thanks in advance.


Posted at Nginx Forum:

I don’t use SPDY, so take what I say as being from an SSL perspective,
not a SPDY one.

If your 17 blogs live under the same domain that you own, you could
look at using a wildcard SSL cert. You’d only need a single
IP/server{} combo for each wildcard cert, and a single wildcard cert
for each unique domain suffix you own.

If that’s not helpful, and the domains are all different, then you
could look at a UCC (or SaN) SSL cert. This would also allow you to
use a single IP/server{} block, but would probably be uneconomical if
your domain list changes frequently.

Finally, if you need/get a separate SSL cert for each domain, you will
need a distinct IP and server{} block for each.

17 domains with SSL and a separate server{} for each will not affect
performance, IME. You’ll just proxy_pass to the same backend from


Jonathan M. // Oxford, London, UK

regarding recompile question: SPDY is supported with OpenSSL 1.0.1
so if your distro using earlier version, SPDY will not be supported,
you can check “nginx -V” if SPDY been enabled.

When recompiling you can use openssl source package and link it
to nginx if needed

Posted at Nginx Forum: