We are rolling out WP3 with Multisite support in a few places. Our preference is to use sub-domains rather than path names. For authentication we are currently use wp-dirauth (sp?) to authenticate against an existing ldap tree. Our preference would be to have all sites run under SSL but since you can't use serveralias or wildcards for apache ssl vhosts we have stuck with http. I have apache configured to accept all port 80 requests (serveralias *.blogs.me.com) but only accepting ssl (port 443) requests on "blogs.me.com".
What I need to know is
1) How can we force secure SSL logins on all sites (sub-domains) without having to generate a new apache vhost file for every sub-domain that is created? Can we redirect all logins to the secure "main" login site rather than insecure subdomain.
Mainsite: blogs.me.com (supports http and https)
Subdomain: sports.blogs.me.com (only supports http)
Login Page for sports actually brings up https://blogs.me.com/wp-login.php rather than http://sports.blogs.me.com/wp-login.php
How are other people dealing with SSL and sub-domains in apache (cron jobs, plugins, ??)? If there is a way to generate the apache vhost file and reload apache every time a new site is created. Would love some practical advice.