Thanks for your advice. First I turned off SSL in Cloudflare for all the domains on the Multisite and clicked the orange clouds to gray ones under DNS for the two most important domains I’m trying to set up, and the sites all worked fine under http://. Then I followed the instructions for just one of the domains at https://support.cloudflare.com/hc/en-us/articles/224985668-How-to-install-an-Origin-CA-certificate-in-cPanel and followed the ‘Using Cloudflare Dashboard’ option and then the procedure for ‘Installing the Origin CA Certificate in cPanel’ to obtain a happy message from cPanel of ‘SSL Host Successfully Installed. You have successfully configured SSL. The SSL website is now active and accessible via HTTPS: on this domain: [showing the domain with a preceding * to indicate it supported all subdomains]’. That text was followed in the same popup box by a somewhat ambiguous message saying "The SSL certificate also supports these domains, but these domains do not refer to the SSL website mentioned above: Cloudflare Origin Certificate, [and the ROOT domain of the wildcard domain shown just above]. So with that ambiguous message it’s NOT QUITE CLEAR if the root domain should work under SSL now or not, but when I tested it at that point, it didn’t work, with the redirect errors I’ve become accustomed to seeing.
Assuming however that the ambiguous message meant that SSL would theoretically work for the root domain I figured there were probably some unstated requirements that I still had to figure out to actually make it work, and went on to remove ‘define(‘FORCE_SSL_ADMIN’, false);’ from wp-config.php (after having earlier tested ‘define(‘FORCE_SSL_ADMIN’, true);’ without any benefit, and there being other domains and subdomains on that Multisite install that are NOT using SSL anymore which I didn’t want to cause conflicts with). Removing that command from wp-config.php didn’t help anything though, the site still didn’t work.
So, still following the trails of randomly scattered partial instructions that are all over the web that I have tried numerous combinations of before, I tried setting the SiteURL and Home settings in Wordpress to https://, but that was without any effect. Then I went back to Cloudflare and enabled Full(strict) SSL for the domain and made sure it’s DNS records had orange clouds instead of gray ones, and Voila! – Now I get this error: ‘Error 526 Ray ID: 3bbf6d990f1e0ef7 • 2017-11-11 07:09:48 UTC Invalid SSL certificate’ which didn’t go away or change when I put the SiteURL and Home settings in Wordpress back to http://. Strangely, this error shows up under https:// for the domain, even with a green lock! It just seems so absolutely absurd to be showing https:// with a green lock on a page reporting an ‘Invalid SSL certificate’, I don’t know what to think. Is this a Cloudflare-only thing, or would SSL certificates from other outfits perform with the same asbsurdity? I only have so many years left to test all the potential combinations of things, I have to focus down.
It would be logical that Cloudflare should have SSL turned on for a domain running it’s own certificate and that SSL should then work too, but since there does not seem to exist a coherent set of start-to-finish instructions anywhere for how to accomplish this (certainly not for Wordpress Multisites!), logic doesn’t necessarily have to apply. Cpanel had said SSL was ready to go too but maybe there are special conditions for Cloudflare? I’m reluctant to change nameservers to test this with some other DNS provider and maybe Cloudflare’s certificates only work when DNS is managed by Cloudflare? – there are so many basic questions for which no answers are discoverable except by asking seasoned pros like you who’ve either been tutored by someone or worked through all the myriad combinations of settings to find out for yourself through trial and error what actually works.
BTW, [email protected] is completely nonresponsive. I’m starting to think that Cloudflare is the reason for the problems I’m experiencing, is that possible or likely? Can you suggest a more reliable way to enable SSL on my Wordpress Multisite besides paying someone else to do it for me?