I’m helping someone with their site at wordpress.com but they aren’t that familiar with how SSL certs work.
They have your wildcard installed for hwany.wordpress.com but they need to get one for hwany.org Will this be done automatically with Let’s encrypt or do they need to buy one separately and install?
Has hwany.wordpress.com been upgraded to a paid plan to enable you to correctly map the other domain to that site? Then the other domain could be set as the primary domain and would display in browsers (with a padlock).
That doesn’t address the SSL cert issue.
hwany.wordpress.com uses the wordpress wildcard cert like all the domain.wordpress.com sites.
For the other domain there must be a new cert installed, else browsers will give a warning. My question is how wordpress.com allows that. Does wordpress.com provide it, or does the customer create a CSR and get it signed?
We automatically enable SSL for all sites hosted on WordPress.com. Whether you use the free WordPress.com address or a custom domain makes no difference – if you add a custom domain to your site we automatically issue a SSL cert for that domain as well.