Updated Tuesday, January 8, 2018
By Grace C. Visconti
Specific Instructions for Grid Server Users of Host Media Temple
SSL FOR FREE MANUAL VERIFICATION OPTION INSTRUCTIONS
1. Open the sslforfree.com website.
2. Add your domain name to the https:// field then click on the green bar “Create Free SSL Certificate.”
3. Click on the middle option Manual Verification.
4. The Manually Verify Your Domain (HTTP Server) heading will come up halfway down the box. At the bottom of this section click on the title in the bottom green box “Manually Verify Domain.”
5. The Upload Verification Files section will come up after clicking on the bottom green box Manually Verify Domain.
6. Create a folder on your computer for this SSL Certificate. (For the purpose of this example there is only Download File #1 showing but there could be two files – Download Files #1 and #2. Go ahead now and Download File #1 if there is only one file or Download Files #1 and #2 if there are 2 files listed under the Upload Verification Files section. Put them in the folder you created on your computer where the SSL Certificate is going to be. After clicking the Download File #1 or Download Files #1 and #2, they will download into your folder. The files are made up of a string of characters which will be uploaded into a Media Temple window. But first, you must complete a few more steps in your domain section located on Media Temple website.
7. While leaving this SSL For Free window open with the Download Verification Files in view, open up another window on your browser and sign on to the Media Temple website. Choose the domain (image) for your main page as it will take you to your domain/s page.
8. Click on the blue ADMIN button. Important Note: Always use the blue ADMIN button in the Account Center to get to the File Manager Beta. If you click on your domain under Services in the Account Centre instead of clicking on the blue ADMIN button, you will not get to the section with the box that has the File Manager Beta option. There will only be 4 boxes if you go this route: Manage Server, Alternate Domain Admin, Domain Tools, and DNS & Zone Files. You can, however, use Manage SSL Certificate Options in the Alternate Domain Admin box to remove an existing Certificate before you start this process all over again when you have to renew it in three months.
Additionally, if you click on the File Manager Beta, you can also access the Edit DNS Zone in the DNS & Zone Files section, and the SSL Certificate in the Add-Ons section. You can use the Edit DNS Zone File if you choose the third option Manual Verification (DNS) on the SSL For Free website to obtain a new Certificate. These instructions are listed in the next section of this document.
9. After clicking on the blue ADMIN button, you will reach the GRID Control Panel with 9 sections: Server Guide; Email; File Management; Stats & Reports; Server Settings; Add-Ons; Databases; Domain Tools; and DNS & Zone Files.
10. Click on File Manager Beta. Click on domains and a list of domains will appear.
11. Click on the domain you want to add the certificate to. For the purpose of this demonstration, I am using a test website called ssltest.eagleheartdynamic.com.
12. Go to the html folder. Create a new folder within the html folder called .well-known with a period in front. If you already have an SSL Certificate, delete the old .well-known folder that was previously there and add a new one with the same title .well-known.
13. Within this .well-known folder, create another folder called acme-challenge.
14. Upload the string of characters from the Downloaded File #1 or Files #1 and 2 that you placed in a folder on your computer into the acme-challenge folder.
15. You can test whether the code works or not by going back to the sslforfree.com window page where you generated the code and click on the one link below File #1 or two links below Files #1 and #2 which includes your website name in green.
Note: After clicking on the link for one download file or the links for two downloaded files, if there are no error messages, then the file or files were successfully uploaded as seen in the image below. The string of characters shows up that you uploaded into the acme-challenge folder.
DOWNLOADING THE SSL CERTIFICATE
This section includes the steps of returning to the sslforfree.com website and downloading the SSL Certificate.
1. Go back to sslforfree.com website where you left off before going to the Media Temple website and Download the SSL Certificate by clicking on the green box at the bottom.
2. Three boxes will appear showing the Certificate, Private Key, and the CA Bundle (Root and Intermediate Certificates).
Important: Copy the 3 boxes of text into a Word doc in the order that you see it in the windows. On the Word doc in the Private Key paragraph, add RSA in the title —–BEGIN RSA PRIVATE KEY—–and —–END RSA PRIVATE KEY—–
2. Copy the 3 boxes of text into a Word doc. In the Word doc, in the Private Key paragraph, add RSA in the title —–BEGIN RSA PRIVATE KEY—–and —–END RSA PRIVATE KEY—–. Check out the pasted document here.
3. Go back to the Media Temple Account Centre main page where your domain is. Click on your domain and navigate to Manage SSL Certificate Options or you can access it in the Add-Ons window by clicking on SSL Certificate. This takes you to the SSL Options page. Scroll to the bottom of the page and click on IMPORT CERTIFICATE.
14. Paste in the code in the 3 windows wait until it saves. The Key (middle box on the sslforfree.com website) goes in the first box in the MT window. The Certificate code (first box on the sslforfree.com website) goes into the second box in the MT window. The CA Bundle code (third box from the sslforfree.com website) goes into the third MT window. SAVE. Your certificate should be uploaded successfully if you see the message “Certificate import successful.”
15. Go to https://mediatemple.net/community/products/dv/204643270/using-htaccess-rewrite-rules#5 (this is the .htaccess to redirect the http to https). Then go to ADD WWW OR HTTPS. Copy this code:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
16. Go Back to Admin > File Manager Beta …go to domains…go to the preferred domain…click on .htaccess in your domain folder…do a couple of returns at the top to leave some space in between the other code that was there and paste the above code in the first few lines. Change the “example.com” to the desired https://domainname.com in the pasted new code. Leave out the www. SAVE and CLOSE. TEST the domain with https:// in the URL window. You can skip this step if you have already done this before when uploading the previous SSL Certificate because the code will still be there.
You’re done!
Now a word of caution if you go back to your website to check it after pasting in the URL, if you see a circle with a small letter i, then it means you have mixed content. This means that some of the http links have not changed over to https. If all of your links have switched over successfully, then you should see a green padlock and the word Secure next to your URL.
One of the best plugins to download and use is the SSL Insecure Content Fixer. Go ahead and download and activate it. Go to your General Settings and change your WordPress Address (URL) and Site Address (URL) from http to https. Save. This plugin changes the links on the front end but it’s best to go through all of your links and change them manually in Edit mode just to be on the safe side and especially since you will not be using http again.
If you want to find where the links have not been changed, go to Chrome and choose Inspect on your website. Click on Console and you will see the errors where the links have not changed over. Check all of your widgets if you have code in text form because this is where the changeover may not have occurred so again, make the change from http to https manually.
TESTING FOR ERRORS
SSL Shopper
One way to test whether your Certificate was successful is to go to sslshopper.com. If it is successful, there will be no errors. Remember to refresh your browser if you have reuploaded the Certificate if you got errors the first time otherwise, it might show that there is still an error when there is not.
Whynopadlock.com
Another way to check if you have any “soft errors” or “mixed content” which means mixed errors where some of the http have not changed over to https, is to go to the website whynopadlock.com. Type in your https:// URL. Click on the Capcha “I am not a robot.” If you see “Soft Errors” that means you have not passed the Mixed Content test and so it’s best to search out any http links that have not switched over. If you see a “Mixed Content – Pass,” it means your website is OK and you have no mixed content to fix. The green padlock should appear before your URL with the word Secure visible.
This is another way to download the SSL Certificate
MANUAL VERIFY USING DNS OPTION FOR OBTAINING AN SSL CERTIFICATE
NOTE: Some steps are repeated as in the above first option to download an SSL Certificate.
1. After hitting Update your SSL Certificate, you will come to a page that has 3 options: Automatic FTP Verification; Manual Verification; and Manual Verification (DNS).
2. Go to click on the bitblockrevolution.com website after signing in on the MT page. You’ll be in the Account Center. Click on the URL bitblockrevolution.com. It will take you to the Grid Control Panel.
3. Click on Edit DNS Zone File.
4. Copy _acme-challenge from the TXT line. Go back to MT Zone Records. Click on add row. Click on the Manually Verify Domain (DNS). Then paste the bolded line after “value” into the field next to TXT. SAVE.
5. Go back to #2 on the Verification page. Copy _acme-challenge.www from the TXT line. Go back to MT Zone Records. Click on add row. Then paste the bolded line after “value” into the field next to TXT. SAVE.
6. Create a folder on your computer for this SSL Certificate. Download files #1 and #2 listed in this Manually Verify Your Domain section and put them in a folder where the certificate is going to be. Place files #1 and #2 into that folder so that they can be uploaded from the MT window.
7. You can test whether the code works or not by going back to the sslforfree.com window page where you generated the code and click on the lengthy links below the file #1 and file #2 links which includes your website name in green. If you see both the codes without an error message, then it successfully uploaded file #1 and file #2.
8. Go back to sslforfree.com and Download the SSL Certificate. Copy the 3 boxes of text into a Word doc. In the Word doc, in the Private Key paragraph add RSA in the title —–BEGIN RSA PRIVATE KEY—–and —–END RSA PRIVATE KEY—–
9. Go back to the MT Account Centre main page where your domain is. Click on the domain and navigate to Manage SSL Certificate Options or you can access it in the Add-Ons window by clicking on SSL Certificate. This takes you to the SSL Options page. Scroll to the bottom of the page. IMPORT CERTIFICATE.
10. Paste in the code in the 3 windows wait until it saves. The Key (middle box on the sslforfree.com website) goes in the first box in the MT window. The Certificate code (first box on the sslforfree.com website) goes into the second box in the MT window. The CA Bundle code (third box from the sslforfree.com website) goes into the third MT window. SAVE. Your certificate should be uploaded successfully if you see the message “Certificate import successful.”
11. Go to https://mediatemple.net/community/products/dv/204643270/using-htaccess-rewrite-rules#5 (this is the .htaccess to redirect the http to https). Then go to ADD WWW OR HTTPS Copy this code:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
12. Go Back to Admin > File Manager Beta …go to domains…go to the preferred domain…click on .htaccess in your domain folder…do a couple of returns at the top to leave some space in between the other code that was there and paste the above code in the first few lines. Change the “example.com” to the desired https://domainname.com in the pasted new code. Leave out the www. SAVE and CLOSE. TEST the domain with https:// in the URL window. You can skip this step if you have already done this before when uploading the previous SSL Certificate because the code will still be there.
You’re done!
Now a word of caution if you go back to your website to check it after pasting in the URL, if you see a circle with a small letter i, then it means you have mixed content. This means that some of the http links have not changed over to https. If all of your links have switched over successfully, then you should see a green padlock and the word Secure next to your URL.
One of the best plugins to download and use is the SSL Insecure Content Fixer. Download and activate it. Go to your General Settings and change your WordPress Address (URL) and Site Address (URL) from http to https. Save. This plugin changes the links on the front end but it’s best to go through all of your links and change them manually in Edit mode just to be on the safe side and especially since you will not be using http again.
If you want to find where the links have not been changed, go to Chrome and choose Inspect on your website. Click on Console and you will see the errors where the links have not changed over. Check all of your widgets if you have code in text form because this is where the changeover may not have occurred so again, make the change from http to https manually.
Follow the same procedure Testing For Errors as in the first option.