Support / KnowledgeBase

 
Search the KnowledgeBase Search

Installing an SSL Certificate

  • Applies to: (dv) 4.0, DV, DV Developer, Grid

  • Difficulty: Medium

  • Time needed: 30 minutes

  • Tools needed: Account Center access or Plesk administrator access

 
  • Applies to: Grid
    • Difficulty: Medium
    • Time Needed: 20
    • Tools Required: Account Center access
  • Applies to: DV
    • Difficulty: Medium
    • Time Needed: 20
    • Tools Required: Plesk administrator access
  • Applies to: DV 4.0
    • Difficulty: Medium
    • Time Needed: 20
    • Tools Required: Plesk administrator access
  • Applies to: (ve)
    • Difficulty: Medium
    • Time Needed: 20
    • Tools Required: SSH access

Overview

If you need an SSL certificate, you can either purchase one from (mt) Media Temple or install a third-party certificate yourself.

You can purchase a certificate from any certifying authority that provides Apache certificates. Regardless of which provider you choose, the basic steps for your (mt) Media Temple server are the same.

  1. Generate a CSR (certificate request).
  2. Submit the CSR to your third-party certifying authority, and fill out their requested information.
  3. Receive the certificate (and any chain certificates, if necessary) from your certifying authority.
  4. Import the certificate and any chain certificates to your (mt) Media Temple server.

These steps are covered in more detail below.

Note:

Our services include a technology called Server Name Indication (SNI). This makes it possible for you to use authentic SSL certificates for sites hosted on shared IP addresses. SNI works with all modern web browsers, however some older browsers (notably IE on Windows XP) may be incompatible with SNI. For more information on SNI, please refer to the following articles:


TIP:

Already have a certificate? You may be able to skip the CSR part of the instructions and simply import your certificate and private key from the previous server. See Moving an SSL Certificate from another server for details.

Automatically installing a (mt) Media Temple SSL certificate

  1. Sign into your Account Center.
  2. From the "Overview" page, scroll to the Add-On Services section and click on the "Manage" button next to the SSL certificate.
  3. Click on the "Install/Reinstall SSL Certificate" option.
    install_ssl
  4. Choose your Grid, and press the "Install" button.
    select_grid_ssl
  5. You will be prompted to agree to a verification. Click "OK" if you agree.
    ssl_disclaimer
  6. The "Install" button will change to "Installing," and when complete it will update to say "Installed." If instead it updates with an error message, try to install again or contact support.

Manually installing a (mt) Media Temple SSL certificate

CloudTech_ProductPage_217x57

CloudTech Can Help!

If you’re having trouble with the steps in this article, additional assistance is available via CloudTech, our premium services division. Our expert engineers can perform a manual SSL certificate installation, leaving you free to manage your business. For more information on what CloudTech can do for you, please click here.

  1. Sign into your Account Center.
  2. From the "Overview" page, scroll to the Add-On Services section and click on the "Manage" button next to the SSL certificate.
  3. Click on the "View/Download Certificate Info."
    view_ssl
  4. Open a text editor program, then copy into the program the full text content to the left of the following sections:
    • Private Key
    • SSL Certificate
    • CA / Chain Certificate
  5. Click on "Domains" from the menu at the top your Account Center and select the primary domain for the service you wish to add the SSL to.
  6. Click SSL Certificate

    ssl_cert_grid

  7. Click Import Certificate.

    import_ssl_button

  8. On your computer, open your SSL certificate with a plain text editor. See Step 4 for details.
  9. Copy the certificate from the text editor and paste it into the Certificate field in the Account Center. Copy the entire thing, including the beginning and ending lines.

    cert

  10. Perform the same steps to copy and paste the private key and CA / chain certficate into the Private Key and CA/Chain Certificate field, one after the other. Again, include the beginning and ending lines.

  11. Click Save.
  • Your site is now encrypted by an SSL certificate. You must visit your site over https:// to see the effects. Make sure you use the exact domain or subdomain for which you purchased the certificate.

Manually installing a third-party SSL certificate

  • Obtain your certificate, and any required chain certificates, from your certifying authority. You may be prompted to download something called a bundle. Do so, unzip it if necessary, and open it. You will likely have one certificate and three chain certificates inside. You can open these files in a text editor, such as Notepad or TextEdit, for easy copying and pasting.
    • Chain certificates are also called CA certificates.
  • Import your certificate and any chain certificates.
    1. Sign into the Account Center.
    2. Click on your domain.
    3. Click SSL Certificate

      ssl_cert_grid

    4. Click Import Certificate.

      import_ssl_button

    5. On your computer, open your SSL certificate with a plain text editor.
    6. Copy the certificate from the text editor and paste it into the Certificate field in the Account Center. Copy the entire thing, including the beginning and ending lines.

      cert

    7. If you have any chain certificates, or CA certificates, paste those into the CA/Chain Certificate field, one after the other. Again, include the beginning and ending lines for each chain certificate.
    8. Click Save.
  • Your site is now encrypted by an SSL certificate. You must visit your site over https:// to see the effects. Make sure you use the exact domain or subdomain for which you purchased the certificate.

Automatically installing a (mt) Media Temple SSL certificate

  1. Sign into your Account Center.
  2. From the "Overview" page, scroll to the Add-On Services section and click on the "Manage" button next to the SSL certificate.
  3. Click on the "Install/Reinstall SSL Certificate" option.
    install_ssl
  4. Choose your DV server, and press the "Install" button. You will be prompted to agree to a verification, because as part of the SSL installation your IP address may change. Also if you already have an existing SSL certificate installed onto the chosen DV server account, it will be overwritten.
    install_ssl_dv
  5. The "Install" button will change to "Installing," and when complete it will update to say "Installed." If instead it updates with an error message, try to install again or contact support.
  6. If replacing an existing SSL certificate for the same domain, you will now want to login to Plesk, and assign the new SSL to the domain. This is done from the "Websites & Domains" tab. Click on the domain name from the list to assign the new SSL to it. 

Manually installing a (mt) Media Temple SSL certificate

CloudTech_ProductPage_217x57

CloudTech Can Help!

If you’re having trouble with the steps in this article, additional assistance is available via CloudTech, our premium services division. Our expert engineers can perform a manual SSL certificate installation, leaving you free to manage your business. For more information on what CloudTech can do for you, please click here.

Installing Your SSL From (mt) Media Temple Using cPanel

  1. Sign into your Account Center.
  2. From the "Overview" page, scroll to the Add-On Services section and click on the "Manage" button next to the SSL certificate.
  3. Click on the "View/Download Certificate Info."
    view_ssl
  4. Open a text editor program, then copy into the program the full text content to the left of the following sections:
    • Private Key
    • SSL Certificate
    • CA / Chain Certificate

NOTE:

The following steps depend on what Plesk interface you use. Even though the color scheme might be different, the steps remain the same.

Next, you will need to input this certificate into cPanel. You can get to the SSL certificate management section by following these steps:

  1. Log into cPanel for your domain.
  2. From the menu to the left, select SSL/TLS.
  3. Next, click on Install an SSL Certificate on a Domain.
    install_ssl_cpanel

Once you are at the SSL Certificates screen, continue with installing the SSL certificate by following the instructions below.

  1. Add the domain for the SSL you wish to install.
  2. Select the IP if necessary.
  3. Scroll down to the section called Certificate.
  4. On your computer, open your SSL certificate with a plain text editor.
  5. Copy and paste the Certificate contents into the Certificate section on the page, making sure to copy the text that starts with the line -----BEGIN CERTIFICATE----- and ends with the line -----END CERTIFICATE-----.
    ssl_cpanel
  6. Perform the same steps to copy and paste the Private Key and CA (Certificate Authority) Bundle into the Private Key and CA Bundle field, one after the other. Again, include the beginning and ending lines.
  7. Click the Install button to save the SSL certificate to the server.

Installing Your SSL From (mt) Media Temple Using Plesk

If you are using the Power User Panel, you can get to the SSL certificate management section by following these steps:

  1. Log into the Plesk Control Panel for your domain.
  2. From the row of tabs at the top, select Websites & Domains.
  3. Click on Secure Your Sites.

If you are using the Service Provider Panel, you can get to the SSL certificate management section by following these steps:
You must have the Server Administration Panel enabled. For instructions, please see: How can I change my Plesk interface?

  1. Log into the Plesk Server Administrator Panel.
  2. From the left-menu, click on Domains from the Hosting Services section.
  3. Click on Manage Hosting or Open in Control Panel for the domain you are installing the SSL certificate for.
  4. From the row of tabs at the top, select Websites & Domains.
  5. Click on Secure Your Sites. (You may have to click the drop down for the domain to see this option.)Parallels_Plesk_Panel_11.5.30_20130927_095708.jpg

Once you are at the SSL Certificates screen, continue with installing the SSL certificate by following the instructions below.

  1. Click on the Add SSL Certificate icon.Parallels_Plesk_Panel_11.5.30_20130926_130014.jpg
  2. Fill in the Certificate name field. This will help you identify this certificate in the repository.
    Parallels_Plesk_Panel_11.5.30_20130927_134859.jpg
  3. Scroll down to the section called Upload certificate as text towards the bottom of the page.
  4. On your computer, open your SSL certificate with a plain text editor.
  5. Copy and paste the Private Key contents into the Private Key section on the page, making sure to copy the text that starts with the line -----BEGIN RSA PRIVATE KEY----- and ends with the line -----END RSA PRIVATE KEY-----.
  6. Perform the same steps to copy and paste the certificate and CA certificate into the Certificate and CA Certificate field, one after the other. Again, include the beginning and ending lines.
  7. Click the Send Text button to save the SSL certificate to the server.Parallels_Plesk_Panel_11.5.30_20130927_104240.jpg
  8. Next, we need to make sure SSL support is enabled for that domain. Return to the Websites & Domains tab.
  9. Click on Hosting Settings.Parallels_Plesk_Panel_11.5.30_20130927_121905.jpg
  10. Under the Security section, check the box for Enable SSL support and select the SSL certificate for your domain. Click OK to save these settings.Parallels_Plesk_Panel_11.5

Installing a third-party SSL certificate

If you are using the Power User Panel, you can get to the SSL certificate management section by following these steps:

  1. Log into the Plesk Control Panel for your domain.
  2. From the row of tabs at the top, select Websites & Domains.
  3. Click on Secure Your Sites.

If you are using the Service Provider Panel, you can get to the SSL certificate management section by following these steps:
You must have the Server Administration Panel enabled. For instructions, please see: How can I change my Plesk interface?

  1. Log into the Plesk Server Administrator Panel.
  2. From the left-menu, click on Domains from the Hosting Services section.
  3. Click on Manage Hosting or Open in Control Panel for the domain you are installing the SSL certificate for.
  4. From the row of tabs at the top, select Websites and Domains.
  5. Click on Secure Your Sites.

Once you are at the SSL Certificates screen, continue with installing the SSL certificate by following the instructions below.

  1. Click on the Add SSL Certificate icon.
  2. Fill in the Certificate name field. This will help you identify this certificate in the repository.
  3. Specify the certificate properties:
    • Certificate name. This will help you identify this certificate in the repository.
    • Bits. Use the option for 2048 for a more secure SSL certificate.
    • Your location and organization name. The values you enter should not exceed the length of 64 symbols.
    • Domain name. The domain name for which you want to purchase an SSL certificate. This should be a fully qualified domain name. For this example, we use: dv-example.com.
    • Email. The website administrator's e-mail address.
  4. Double-check to ensure that all the provided information is correct and accurate, as it will be used to generate your private key.
  5. Click the Request button. Your private key and certificate signing request will be generated and stored in the repository.
  6. In the list of certificates, click the name of the certificate you just created. A page showing the certificate properties opens.
  7. Locate the CSR section on the page, and copy the text that starts with the line -----BEGIN CERTIFICATE REQUEST----- and ends with the line -----END CERTIFICATE REQUEST----- to the clipboard.
  8. Submit your CSR to your third-party certifying authority. Fill out any information they require. When you fill in the server type, select Apache or Apache OpenSSL, whichever is available.
    • Verisign - choose Apache
    • Thawte - choose Apache_OpenSSL
    • GeoTrust - choose Apache + Open SSL
  9. It may take a few days for the certifying authority to process your request. If you have questions about the status of your request, please contact your third-party vendor.
  10. Obtain your certificate, and any required chain certificates, from your certifying authority. You may be prompted to download something called a bundle. Do so, unzip it if necessary, and open it. You will likely have one certificate and up to three chain certificates inside. You can open these files in a plain text editor, such as Notepad or TextEdit, for easy copying and pasting. Chain certificates are also called CA certificates.
  11. Return to the SSL certificates repository (Websites & Domains > Secure Your Sites), and select the previously created SSL certificate.
  12. Scroll down to the section called Upload certificate as text towards the bottom of the page.
  13. On your computer, open your SSL certificate with a plain text editor.
  14. Copy and paste the Private Key contents into the Private Key section on the page, making sure to copy the text that starts with the line -----BEGIN RSA PRIVATE KEY----- and ends with the line -----END RSA PRIVATE KEY-----.
  15. Perform the same steps to copy and paste the certificate and CA certificate into the Certificate and CA Certificate field, one after the other. Again, include the beginning and ending lines.
  16. Click the Send Text button to save the SSL certificate to the server.
  17. Next, we need to make sure SSL support is enabled for that domain. Return to the Websites & Domains tab.
  18. Click on Hosting Settings.
  19. Under the Security section, check the box for Enable SSL support and select the SSL certificate for your domain. Click OK to save these settings.

Automatically installing a (mt) Media Temple SSL certificate

NOTE:

Automatic installation requires Plesk 10.3 or newer, with Apache SNI support enabled. This allows multiple SSL Certificates to be installed on a shared IP address. For more information and steps to enable SNI support, please see: How can I host multiple sites on a single IP address?

  1. Sign into your Account Center.
  2. From the "Overview" page, scroll to the Add-On Services section and click on the "Manage" button next to the SSL certificate.
  3. Click on the "Install/Reinstall SSL Certificate" option.
    install_ssl
  4. Choose your DV server, and press the "Install" button. You will be prompted to agree to a verification, because as part of the SSL installation your IP address may change. Also if you already have an existing SSL certificate installed onto the chosen DV server account, it will be overwritten.
    install_ssl_dv
  5. The "Install" button will change to "Installing," and when complete it will update to say "Installed." If instead it updates with an error message, try to install again or contact support.
  6. If replacing an existing SSL certificate for the same domain, you will now want to login to Plesk, and assign the new SSL to the domain. This is done from the "Websites & Domains" tab. Click on the domain name from the list to assign the new SSL to it. 

Manually installing a (mt) Media Temple SSL certificate

CloudTech_ProductPage_217x57

CloudTech Can Help!

If you’re having trouble with the steps in this article, additional assistance is available via CloudTech, our premium services division. Our expert engineers can perform a manual SSL certificate installation, leaving you free to manage your business. For more information on what CloudTech can do for you, please click here.

Plesk 10.3.1 and newer, with SNI support enabled

If you are using the Power User Panel, you can get to the SSL certificate management section by following these steps:

  1. Log into the Plesk Control Panel for your domain.
  2. From the row of tabs at the top, select Websites & Domains.
  3. Click on Secure Your Sites.

If you are using the Service Provider Panel, you can get to the SSL certificate management section by following these steps:
You must have the Server Administration Panel enabled. For instructions, please see: How can I change my Plesk interface?

  1. Log into the Plesk Server Administrator Panel.
  2. From the left-menu, click on Domains from the Hosting Services section.
  3. Click on Manage Hosting or Open in Control Panel for the domain you are installing the SSL certificate for.
  4. From the row of tabs at the top, select Websites and Domains.
  5. Click on Secure Your Sites.

Once you are at the SSL Certificates screen, continue with installing the SSL certificate by following the instructions below.

  1. Click on the Add SSL Certificate icon.
  2. Fill in the Certificate name field. This will help you identify this certificate in the repository.
  3. Scroll down to the section called Upload certificate as text towards the bottom of the page.
  4. On your computer, open your SSL certificate with a plain text editor.
  5. Copy and paste the Private Key contents into the Private Key section on the page, making sure to copy the text that starts with the line -----BEGIN RSA PRIVATE KEY----- and ends with the line -----END RSA PRIVATE KEY-----.
  6. Perform the same steps to copy and paste the certificate and CA certificate into the Certificate and CA Certificate field, one after the other. Again, include the beginning and ending lines.
  7. Click the Send Text button to save the SSL certificate to the server.
  8. Next, we need to make sure SSL support is enabled for that domain. Click on the Up Level icon in the upper right-hand corner to get started.
  9. Click on the domain name, listed towards the bottom of the page to get to Hosting Settings.
  10. Under the Security section, check the box for Enable SSL support and select the SSL certificate for your domain. Click OK to save these settings.

Manually installing a (mt) Media Temple SSL certificate

CloudTech_ProductPage_217x57

CloudTech Can Help!

If you’re having trouble with the steps in this article, additional assistance is available via CloudTech, our premium services division. Our expert engineers can perform a manual SSL certificate installation, leaving you free to manage your business. For more information on what CloudTech can do for you, please click here.

Plesk 10.2 and lower, without SNI support

  1. Sign into your Account Center.
  2. From the "Overview" page, scroll to the Add-On Services section and click on the "Manage" button next to the SSL certificate.
  3. Click on the "View/Download Certificate Info."
    view_ssl
  4. Open a text editor program, then copy into the program the full text content to the left of the following sections:
    • Private Key
    • SSL Certificate
    • CA / Chain Certificate

NOTE:

The following steps depend on what Plesk interface you use. Even though the color scheme might be different, the steps remain the same.

Power User Panel

  1. Log into the Plesk Control Panel for your domain.


  2. Click on the Server tab.


    Figure 2.

  3. Under Tools & Resources, click on SSL Certificates.
  4. Click on the Add SSL Certificate icon.
  5. Fill in the Certificate name. This will help you identify this certificate in the repository.
  6. Scroll down to the section called Upload certificate as text.
  7. On your computer, open your SSL certificate with a plain text editor.
  8. Copy and paste the Private Key contents into the Private Key section on the page, making sure to copy the text that starts with the line -----BEGIN RSA PRIVATE KEY----- and ends with the line -----END RSA PRIVATE KEY-----.
  9. Perform the same steps to copy and paste the certificate and CA certificate into the Certificate and CA Certificate field, one after the other. Again, include the beginning and ending lines.
  10. Click Send Text to save the SSL certificate to the server.
  11. Next, we need to assign the certificate to the IP address. Click again on the on Server tab, click on IP Addresses, then click on your IP address.
  12. From the SSL Certificate drop-down menu, select the certificate you installed and click on the OK button.

Service Provider Panel

You must have the Server Administration Panel enabled. For instructions, please see: How can I change my Plesk interface?

  1. Log into the Plesk Server Administrator Panel.
  2. From the left-menu, click on Tools & Utilities.
  3. Click on SSL Certificates.
  4. Click on Add SSL Certificate.
  5. Fill in the Certificate name. This will help you identify this certificate in the repository.
  6. Scroll down to the section called Upload certificate as text.
  7. On your computer, open your SSL certificate with a plain text editor.
  8. Copy and paste the Private Key contents into the Private Key section on the page, making sure to copy the text that starts with the line -----BEGIN RSA PRIVATE KEY----- and ends with the line -----END RSA PRIVATE KEY-----.
  9. Perform the same steps to copy and paste the certificate and CA certificate into the Certificate and CA Certificate field, one after the other. Again, include the beginning and ending lines.
  10. Click Send Text to save the SSL certificate to the server.
  11. Next, we need to assign the certificate to the IP address. Click again on Tools & Utilities, click on IP Addresses, then click on your IP address.
  12. From the SSL Certificate drop-down menu, select the certificate you installed and click on the OK button.

Installing a third-party SSL certificate

Plesk 10.3.1 and newer, with SNI support enabled

If you are using the Power User Panel, you can get to the SSL certificate management section by following these steps:

  1. Log into the Plesk Control Panel for your domain.
  2. From the row of tabs at the top, select Websites & Domains.
  3. Click on Secure Your Sites.

If you are using the Service Provider Panel, you can get to the SSL certificate management section by following these steps:
You must have the Server Administration Panel enabled. For instructions, please see: How can I change my Plesk interface?

  1. Log into the Plesk Server Administrator Panel.
  2. From the left-menu, click on Domains from the Hosting Services section.
  3. Click on Manage Hosting or Open in Control Panel for the domain you are installing the SSL certificate for.
  4. From the row of tabs at the top, select Websites and Domains.
  5. Click on Secure Your Sites.

Once you are at the SSL Certificates screen, continue with installing the SSL certificate by following the instructions below.

  1. Click on the Add SSL Certificate icon.
  2. Fill in the Certificate name field. This will help you identify this certificate in the repository.
  3. Specify the certificate properties:
    • Certificate name. This will help you identify this certificate in the repository.
    • Bits. Use the option for 2048 for a more secure SSL certificate.
    • Your location and organization name. The values you enter should not exceed the length of 64 symbols.
    • Domain name. The domain name for which you want to purchase an SSL certificate. This should be a fully qualified domain name. For this example, we use: dv-example.com.
    • Email. The website administrator's e-mail address.
  4. Double-check to ensure that all the provided information is correct and accurate, as it will be used to generate your private key.
  5. Click the Request button. Your private key and certificate signing request will be generated and stored in the repository.
  6. In the list of certificates, click the name of the certificate you just created. A page showing the certificate properties opens.
  7. Locate the CSR section on the page, and copy the text that starts with the line -----BEGIN CERTIFICATE REQUEST----- and ends with the line -----END CERTIFICATE REQUEST----- to the clipboard.
  8. Submit your CSR to your third-party certifying authority. Fill out any information they require. When you fill in the server type, select Apache or Apache OpenSSL, whichever is available.
    • Verisign - choose Apache
    • Thawte - choose Apache_OpenSSL
    • GeoTrust - choose Apache + Open SSL
  9. It may take a few days for the certifying authority to process your request. If you have questions about the status of your request, please contact your third-party vendor.
  10. Obtain your certificate, and any required chain certificates, from your certifying authority. You may be prompted to download something called a bundle. Do so, unzip it if necessary, and open it. You will likely have one certificate and up to three chain certificates inside. You can open these files in a plain text editor, such as Notepad or TextEdit, for easy copying and pasting. Chain certificates are also called CA certificates.
  11. Return to the SSL certificates repository (Websites & Domains > Secure Your Sites), and select the previously created SSL certificate.
  12. Scroll down to the section called Upload certificate as text towards the bottom of the page.
  13. On your computer, open your SSL certificate with a plain text editor.
  14. Copy and paste the Private Key contents into the Private Key section on the page, making sure to copy the text that starts with the line -----BEGIN RSA PRIVATE KEY----- and ends with the line -----END RSA PRIVATE KEY-----.
  15. Perform the same steps to copy and paste the certificate and CA certificate into the Certificate and CA Certificate field, one after the other. Again, include the beginning and ending lines.
  16. Click the Send Text button to save the SSL certificate to the server.
  17. Next, we need to make sure SSL support is enabled for that domain. Click on the Up Level icon in the upper right-hand corner to get started.
  18. Click on the domain name, listed towards the bottom of the page to get to Hosting Settings.
  19. Under the Security section, check the box for Enable SSL support and select the SSL certificate for your domain. Click OK to save these settings.

Manually installing a third-party SSL certificate for Plesk 10.3 and lower (without SNI enabled)

Power User panel

  1. Log into the Plesk Control Panel for your domain.
  2. Click on the "Server" Tab.

  3. Under Tools & Resources, click on SSL Certificates.
  4. Click on the Add SSL Certificate icon.
  5. Specify the certificate properties:
    • Certificate name. This will help you identify this certificate in the repository.
    • Your location and organization name. The values you enter should not exceed the length of 64 symbols.
    • Domain name. The domain name for which you want to purchase an SSL certificate. This should be a fully qualified domain name. For this example, we use: dv-example.com.
    • Email. The website administrator's e-mail address.

    Double-check to ensure that all the provided information is correct and accurate, as it will be used to generate your private key.

  6. Click the Request button. Your private key and certificate signing request will be generated and stored in the repository.
  7. In the list of certificates, click the name of the certificate you just created. A page showing the certificate properties opens.
  8. Locate the CSR section on the page, and copy the text that starts with the line -----BEGIN CERTIFICATE REQUEST----- and ends with the line -----END CERTIFICATE REQUEST----- to the clipboard.
  9. Submit your CSR to your third-party certifying authority. Fill out any information they require. When you fill in the server type, select Apache or Apache OpenSSL, whichever is available.
    • Verisign - choose Apache
    • Thawte - choose Apache_OpenSSL
    • GeoTrust - choose Apache + Open SSL

    It may take a few days for the certifying authority to process your request. If you have questions about the status of your request, please contact your third-party vendor.

  10. Obtain your certificate, and any required chain certificates, from your certifying authority. You may be prompted to download something called a bundle. Do so, unzip it if necessary, and open it. You will likely have one certificate and three chain certificates inside. You can open these files in a text editor, such as Notepad or TextEdit, for easy copying and pasting. Chain certificates are also called CA certificates. Import your certificate and any chain certificates.
  11. Return to the SSL certificates repository (Tools & Settings > SSL Certificates). Upload the SSL certificate: Click Browse in the middle of the page and navigate to the location of the saved certificate.
  12. Select it, and then click Send File. This will upload and install the certificate against the corresponding private key.
  13. Return to the SSL Certificates repository (Tools & Settings > SSL Certificates).
  14. Next, we need to assign the certificate to the IP address. Click on Tools & Utilities and click on IP Addresses.
  15. From the SSL Certificate drop-down menu, select the certificate you installed and click on the OK button.

Service Provider Panel

You must have the Server Administration Panel enabled. For instructions, please see: How can I change my Plesk interface?

  1. Log into the Plesk Server Administrator Panel.
  2. From the left-menu, click on Tools & Utilities.
  3. Click on SSL Certificates.
  4. Click on Add SSL Certificate.
  5. Specify the certificate properties:
    • Certificate name. This will help you identify this certificate in the repository.
    • Your location and organization name. The values you enter should not exceed the length of 64 symbols.
    • Domain name. The domain name for which you want to purchase an SSL certificate. This should be a fully qualified domain name. For this example, we use: dv-example.com.
    • Email. The website administrator's e-mail address.

    Double-check to ensure that all the provided information is correct and accurate, as it will be used to generate your private key.

  6. Click the Request button. Your private key and certificate signing request will be generated and stored in the repository.
  7. In the list of certificates, click the name of the certificate you just created. A page showing the certificate properties opens.
  8. Locate the CSR section on the page, and copy the text that starts with the line -----BEGIN CERTIFICATE REQUEST----- and ends with the line -----END CERTIFICATE REQUEST----- to the clipboard.
  9. Submit your CSR to your third-party certifying authority. Fill out any information they require. When you fill in the server type, select Apache or Apache OpenSSL, whichever is available.
    • Verisign - choose Apache
    • Thawte - choose Apache_OpenSSL
    • GeoTrust - choose Apache + Open SSL

    It may take a few days for the certifying authority to process your request. If you have questions about the status of your request, please contact your third-party vendor.

  10. Obtain your certificate, and any required chain certificates, from your certifying authority. You may be prompted to download something called a bundle. Do so, unzip it if necessary, and open it. You will likely have one certificate and three chain certificates inside. You can open these files in a text editor, such as Notepad or TextEdit, for easy copying and pasting. Chain certificates are also called CA certificates. Import your certificate and any chain certificates.
  11. Return to the SSL certificates repository (Tools & Settings > SSL Certificates). Upload the SSL certificate: Click Browse in the middle of the page and navigate to the location of the saved certificate.
  12. Select it, and then click Send File. This will upload and install the certificate against the corresponding private key.
  13. Return to the SSL Certificates repository (Tools & Settings > SSL Certificates).
  14. Next, we need to assign the certificate to the IP address. Click on Tools & Utilities and click on IP Addresses.
  15. From the SSL Certificate drop-down menu, select the certificate you installed and click on the OK button.

Manually installing a (mt) Media Temple SSL certificate

  1. Sign into your Account Center.
  2. From the "Overview" page, scroll to the Add-On Services section and click on the "Manage" button next to the SSL certificate.
  3. Click on the "View/Download Certificate Info." 
    view_ssl
  4. Either choose Download to get a zip file of your SSL certificate, or click View Certificate Data and copy the contents of the SSL certificate.
  5. Install the SSL certificate according to whatever steps your program requires.

Manually installing a (mt) Media Temple SSL certificate

  1. Sign into your Account Center.
  2. From the "Overview" page, scroll to the Add-On Services section and click on the "Manage" button next to the SSL certificate.
  3. Click on the "View/Download Certificate Info." 
    view_ssl
  4. Either choose Download to get a zip file of your SSL certificate, or click View Certificate Data and copy the contents of the SSL certificate.
  5. Install the SSL certificate according to whatever steps your program requires.

Troubleshooting

When I visit my site over https://, I get a certificate warning like this:

This is an untrusted certificate

  • See if your SSL certificate requires a chain certificate. Contact your certifying authority if you did not receive the chain certificate. Review the steps above to upload the chain certificate(s) to your server.
  • Make sure you added all of your chain certificates to the server. There are usually three.
  • Make sure the certificate has not expired.
  • Contact your certifying authority for further assistance.

This web site does not supply ownership information

  • Make sure you replaced the default Plesk certificate for your domain.
  • Plesk has a bug that makes uploaded certificates show as self-signed. If this is your first time adding an SSL certificate to the server, run this one-liner in SSH:
cd /etc/httpd/conf.d/; cp ssl.conf ssl.conf.old && sed '/VirtualHost/,$  s/^/#/'  ssl.conf.old > ssl.conf && service httpd restart

NOTE:

If you purchased your SSL Certificate from (mt), GeoTrust SSLs do not supply ownership information, only domain verification. The above command does not apply in this case.

This Connection is Untrusted

  • Use the exact domain or subdomain for which you purchased the SSL certificate. It matters whether you use the "www" or not in the URL. Adjust links, redirects, and URL settings on your website as necessary.
  • On the Grid, wait 24 hours for your IP address to update.
  • Make sure you updated your DNS to point your domain to your new IP address.

This Page Contains Both Secure and Non-Secure Items

  • Do you include any regular http:// links on your page? Make sure you switch them all to https://, or use relative paths for links.

Why do I receive a wrong certificate error via HTTPS?

Please see this article for a solution.

Unable to upload new SSL certificate due to error

Please see this article for additional information.

 

Continue