My client is using MediaTemple to host their multisite network. It's currently installed using subdirectories (because that's all we could get to work with MT initially) and various domains/subdomains are mapped to those subdirectories.
Unfortunately, we now need to use SSL to protect different sites (which are used to generate content for Facebook tabs). We have purchased and installed a wildcard SSL certificate, and it's working for everything except the mapped subdomains.
I contacted MediaTemple and asked for help there. On a VPS or other private setup, this is an easy fix - you just add a vhost to Apache's conf file listening on port 443 for that subdomain. Their response is below:
While its certainly possible to use wildcard SSL certificates on the (gs) Grid-Service, due to the shared and clustered architecture of this hosting service, it does have the limitation that the sub-domain will need to have its own directory and or symlink defined within the /domains folder. Its not possible to define custom Apache vhosts.conf files per customer, as Apache is shared amongst all customers on that given cluster.
The specific issue your facing is due to WordPress handling the sub-domains and sub-directories dynamically. To demonstrate this, I have created the sub-domain; mttest.ghmedicalhome.org in your /domains folder. SSL encrypted requests for this sub-domain resolve as expected to its own content.
The reason your example of https://ghmobile.ghmedicalhome.org/ghmobile is not resolving correctly, is due to your WordPress configuration and how it is handling your directories dynamically and not related to a functionality of the (gs) Grid-Service.
Unfortunately, if you require the specific configuration you are referring to, you will need to consider migrating to either a (dv) Dedicated-Virtual Server or (ve) Server. These self-managed hosting solutions provide an isolated environment with dedicated resources and complete root access to be able to install, configure, and modify any core service you require without affecting other customers.
Any ideas on how to fix this without forcing my client to upgrade? Making them spend $200 for a wildcard cert was a big step ... I'd like to avoid paying for a dedicated solution plus the time it'll take to migrate if I can.