Ordering a Wildcard SSL certificate from Media Temple


  • Applies to: Grid
    • Difficulty: Easy
    • Time Needed: 10
    • Tools Required: Account Center access
  • Applies to: DV
    • Difficulty: Easy
    • Time Needed: 10
    • Tools Required: Account Center access
  • Applies to: Managed WordPress
    • Difficulty: Easy
    • Time Needed: 10
    • Tools Required: Account Center access

Overview

The following article will instruct you on how to order and validate a Wildcard SSL from (mt) Media Temple.

What is a Wildcard SSL?

For a quick review, an SSL is required if you wish to have your site run over HTTPS. A Wildcard SSL is used to validate a domain AND ALL of its subdomains.

As an example, you could verify:

  • Primary domain: example.com (www is automatically included)
  • Wildcard: *.example.com

*.example.com is a catch-all that allows you to verify as many subdomains as you would like. This could include: blog.example.com, store.example.com, dev.example.com, etc.

What if I want to install an SSL on multiple domains/subdomains?

If you wish to install an SSL on multiple domains/subdomains (example.com, testsite.com, blog.mywebsite.com) a Multi-Domain SSL may be a better solution! For information on Mult-Domain SSLs, feel free to click the link below!

What if I want to install an SSL on only a single domain or subdomain?

If you wish to install an SSL a single domain (example.com, www.exampl.com) or a single subdomain (shop.example.com, blog.example.com, dev.example.com), a Standard SSL may be a better solution! For information on Standard SSLs, feel free to click the link below!

Ordering the SSL

  1. Log into your Media Temple Account.
  2. In the top-right hand corner of your Overview page, click on ADD NEW SERVICE.
    ac-1.png
  3. Scroll down until you find SSL Certificate. Then click Get Started.
    ac-2.png
  4. Select the Wildcard SSL option by clicking ADD TO CART.
    wildcard-1.png
  5. Purchase the SSL certificate in your cart.

Fill out the SSL

  1. Once you've purchased the SSL, return to the Overview page in your Media Temple Account.
  2. Scroll down until you find your SSL, then click MANAGE.
    order-1.png
  3. Add the Primary Domain for your SSL
    • Do NOT include www during this step.
      order-5.png
  4. Fill out the appropriate contact information for your SSL. Then click CONTINUE.
    order-4.png
    NOTE:
    If you plan to use HTML or DNS verification (which will be discussed later in this article) you will want to ensure that the SSL contact email address is one you have access to.
  5. Check that your SSL information is correct. Then click CONFIRM CERTIFICATE.
    order-4.1.png
  6. The page will refresh, then click GENERATE CERTIFICATE.
    order-4.2.png

Verifying the SSL

Once you have submitted the information for your SSL, verification will be required. There are four ways you will be able to verify ownership of the domain you are trying to secure.

For Wildcard SSLs you only need to verify the Primary domain using ONE of the available methods below.

Method 1: Auto-Confirm

For domains that have been added to your Media Temple account added to your Media Temple account added to your Media Temple account, and with nameservers pointed to:

  • ns1.mediatemple.net
  • ns2.mediatemple.net

Those domains will have the option to auto-verify and do not require any manual verification.
order-5.png

Method 2: Email Verification

This method can be utilized if you have access to the administrative emails for the domain that is to be secured. For instance, if we are verifying example.com, emails will be sent to:

  • admin@example.com
  • administrator@example.com
  • hostmaster@example.com
  • postmaster@example.com
  • webmaster@example.com

When this email is received, you can open it, then click the validation link included. After a few minutes, the domain should verify.
email-clean.png

If none of the above email accounts exist, but you wish to use this verification method, you can create one of the above usernames at your email host, then click RESEND APPROVAL EMAIL.

Method 3: HTML Verification

This method can be utilized if you have file access to your web hosting. This could include File Manager, FTP, or SSH. If you are unsure of where your website is hosted, feel free to check out the article below:

Once you are logged into the appropriate account for file access, follow the instructions below:

  1. In short, the goal of the HTML verification is to take a unique ID, and paste it in a specific file path on your server. For DV servers, by default that file path will be: For Grid servers that file path will be:
    • Plesk: example.com/httpdocs/.well-known/pki-validation/godaddy.html
    • cPanel: example.com/public_html/.well-known/pki-validation/godaddy.html
    • example.com/html/.well-known/pki-validation/godaddy.html
  2. An email with a unique ID will be sent to the SSL contact email address, which was entered earlier when filling out the certificate. Keep a note of this unique ID.
    email-clean-1.png
  3. Navigate to your domain’s root directory. root directory.
  4. Once in your root directory, create a file path /.well-known/pki-validation/godaddy.html
  5. Copy just your unique ID, and place it inside the godaddy.html file.
  6. You may need to wait a a few minutes for the verification to process the new file. But that's it!

For Redirects:
If your site has a redirect on it (ie: example.com to www.example.com) the SSL may have difficulty verifying. If your site redirects, contact your developer so they may temporarily disable any redirects, or they can attempt to make an rewrite exception for /.well-known/pki-validation/godaddy.html. For sites using mod_rewrite, a possible exception rule could be: RewriteRule ^(.well-known) - [L]

Method 4: DNS Verification

To utilize this method, you will need to log into the account where your DNS is hosted. If you are unsure of where your DNS is hosted, feel free to check out the article below:

Once you are logged into the appropriate account, follow the instructions below:

  1. An email with a unique ID will be sent to the email address that had been inputted earlier as the SSL contact information.
    email-clean-1.png
  2. Add a new record.
  3. For record type select "TXT".
  4. If your zone files are managed at Media Temple, leave the subdomain field blank. Other hosts may require you to use an '@' in the subdomain field.
  5. For the value following the subdomain, enter your Unique ID.
  6. Below is an example of what the record should generally look like. But as a reminder, you NEED to create this record where your DNS is hosted (this may or may not be Media Temple):
    email-6.png

Please keep in mind that due to DNS propogation, verification may take up to 24 hours to complete. It is unlikely that verification will take 24 hours, but it can occur and is part of the normal verification process. You should also receive a second confirmation email once the certificate has been issued.

Installing the SSL

Once the SSL has been verifiied, you will want to install the SSL to your server. For information on installing an SSL to your server, click on the article below:

Overview

The Managed WordPress servers are unfortunately not able to support or install Wildcard SSL Certificates.

If you do require and SSL, the Standard SSLs are supported and are ale to be installed on Managed WordPress. For information on Standard SSLs, feel free to view the article below:

Additionally the Managed WordPress Professional includes 2 Standard SSLs with purchase. For information on the Managed WordPress Professional, feel free to check out our website:

Disclaimer: Additional terms and conditions apply. See site for details.