The following article will instruct you on how to order and validate a Standard SSL from (mt) Media Temple.
What is a Standard SSL?
As a quick review, an SSL is required if you wish to have your site run over HTTPS. A Standard SSL is used to validate a single domain or single subdomain.
This means you could verify a single domain such as:
- example.com (www is automatically included)
OR you could verify a single subdomain such as:
What if I want to install an SSL on ALL my subdomains?
If you wish to install an SSL a single domain (example.com) and ALL of its subdomains (shop.example.com, blog.example.com, dev.example.com), a Wildcard SSL may be a better solution! For information on Wildcard SSLs, feel free to click the link below!
What if I want to install an SSL on multiple domains/subdomains?
If you wish to install an SSL on multiple domains/subdomains (example.com, testsite.com, blog.mywebsite.com) a Multi-Domain SSL may be a better solution! For information on Mult-Domain SSLs, feel free to click the link below!
Ordering the SSL
- Log into your Media Temple Account.
- In the top-right corner of your Overview page, click on ADD NEW SERVICE.
- Scroll down until you find SSL Certificate. Then click Get Started.
- Select the Standard SSL option by clicking ADD TO CART.
- Purchase the SSL certificate in your cart.
Fill out the SSL
- Once you've purchased the SSL, return to the Overview page in your Media Temple Account.
- Scroll down until you find your SSL, then click MANAGE.
- Add the Primary Domain for your SSL
- Do NOT include www during this step.
- Do NOT include www during this step.
- Fill out the appropriate contact information for your SSL. Then click CONTINUE.
If you plan to use HTML or DNS verification (which will be discussed later in this article) you will want to ensure that the SSL contact email address is one you have access to.
- Check that your SSL information is correct. Then click CONFIRM CERTIFICATE.
- The page will refresh, then click GENERATE CERTIFICATE.
Verifying the SSL
Once you have submitted the information for your SSL, verification will be required. There are four ways you will be able to verify ownership of the domain you are trying to secure.
Method 1: Auto-Confirm
For domains that have been added to your Media Temple account added to your Media Temple account added to your Media Temple account added to your Media Temple account, and with nameservers pointed to:
These domains will have the option to auto-verify and do not require any manual verification.
Method 2: Email Verification
This method can be utilized if you have access to the administrative emails for the domain that is to be secured. For instance, if we are verifying example.com, emails will be sent to:
When this email is received, you can open it, then click the validation link included. After a few minutes, the domain should verify.
If none of the above email accounts exist, but you wish to use this verification method, you can create one of the above usernames at your email host, then click RESEND APPROVAL EMAIL.
Method 3: HTML Verification
This method can be utilized if you have access file access to your web hosting. This could include File Manager, FTP, or SSH. If you are unsure of where your website is hosted, feel free to check out the article below:
Once you are logged into the appropriate account for file access, follow the instructions below:
- In short, the goal of the HTML verification is to take a unique ID, and paste it in a specific file path on your server. For DV servers, by default that file path will be: For Grid servers that file path will be: For Shared Hosting servers, by default that file path will be:
- Plesk: example.com/httpdocs/.well-known/pki-validation/godaddy.html
- cPanel: example.com/public_html/.well-known/pki-validation/godaddy.html
- An email with a unique ID will be sent to the SSL contact email address, which was entered earlier when filling out the certificate. Keep a note of this unique ID.
- Navigate to your domain’s root directory. root directory.
- Once in your root directory, create a file path /.well-known/pki-validation/godaddy.html
- Copy just your unique ID, and place it inside the godaddy.html file.
- You may need to wait a a few minutes for the verification to process the new file. But that's it!
The godaddy.html file MUST be placed on the subdomain. For example if you have an SSL for blog.example.com, the godaddy.html file must be placed in the file path blog.example.com/.well-known/pki-validation/godaddy.html.
If your site has a redirect on it (ie: example.com to www.example.com) the SSL may have difficulty verifying. If your site redirects, contact your developer so they may temporarily disable any redirects, or they can attempt to make an rewrite exception for /.well-known/pki-validation/godaddy.html. For sites using mod_rewrite, a possible exception rule could be: RewriteRule ^(.well-known) - [L]
Method 4: DNS Verification
To utilize this method, you will need to log into the account where your DNS is hosted. If you are unsure of where your DNS is hosted, feel free to check out the article below:
Once you are logged into the appropriate account, follow the instructions below:
- An email with a unique ID will be sent to the email address that had been inputted earlier as the SSL contact information.
- Add a new record.
- For record type select "TXT".
- If your zone files are managed at Media Temple, leave the subdomain field blank. Other hosts may require you to use an '@' in the subdomain field.
- For the value following the subdomain, enter your Unique ID.
- Below is an example of what the record should generally look like. But as a reminder, you NEED to create this record where your DNS is hosted (this may or may not be Media Temple):
Please keep in mind that due to DNS propogation, verification may take up to 24 hours to complete. It is unlikely that verification will take 24 hours, but it can occur and is part of the normal verification process. You should also receive a second confirmation email once the certificate has been issued.
DNS Verification for Subdomains:
The unique code MUST be entered on the PARENT domain. For example, if you have an SSL for shop.example.com, you will want to put the TXT record on example.com and NOT shop.example.com.
Installing the SSL
Once the SSL has been verifiied, you will want to install the SSL to your server. For information on installing an SSL to your server, click on the article below: