revolving top-ten

Eat.Sleep.Work. has been a GoDaddy customer since…who knows, like 12 years now. Coincidentally, we’ve been hosting with Media Temple since 2007; and recently GoDaddy has acquired the Culver City based hosting company.

I just installed a SSL certificate for a client of ours and had a bit of trouble finding the right documentation to install it from GoDaddy into our Media Temple VPS’ Plesk control panel. It took some digging: An hour of my time, 3 or 4 Google searches later and 5 or 6 tabs open in Google Chrome. This should have taken 15 min.

Purchase the SSL Certificate

So…started at GoDaddy.com and clicked on Web Security, then SSL Certificate. I purchased the ‘Protect One Website’ option. After adding it to my cart, I decided to go ‘balls out’ and purchase the holy grail of SSL Certificates, the Premium SSL EV. Cue the Ooos and Ahhs.

After going through the checkout process, I get this page:

godaddy-cert-start-page

Exciting right? Clicking on this button takes me to:

godaddy-cert-ssl-accountcenter

Note: I got a little freaked out after I made my purchase and this SSL Certificate section was blank. Give it a couple minutes and it’ll auto-refresh. Also, you’ll see that I have 2 SSL Certificates. That’s because I bought the Premium SSL and the Standard SSL comes included.

Get the CSR

Click on Manage and you’ll see the Certificate Setup page:

godaddy-certificate-setup

It’s time to head over to your Plesk control panel now. I’ve already got my website hosted at Media Temple so I don’t need to set anything up. If you have a new domain you’re setting up, go to the Account Center and add your domain. And that domain is required to be added in Plesk also. This pertains to the DV accounts. It’s probably a little different for Grid.

Assuming your website is already set up and you have a functional website hosted in your DV hosting account. Go to your website’s hosting control panel in Plesk. You should be on a page that looks like this:

plesk-hosting-panel

Click on Show More; then click on Secure Your Sites.

You’re taken to the SSL Certificates page. Click on ‘Add SSL Certificate‘.

plesk-ssl-page

Fill out the form with your company info and click on ‘Request’.add-ssl-plesk-csr

Now you’re shot back to the page you were just at. You’ll see C and A are greyed out. That’s OK for now. You’ll need to send over your CSR, which is basically a verification that this is the domain you want the SSL applied.

csr-request-plesk

You’ll take the CSR back to GoDaddy to connect your request. Click on the name of the account and on the next page, scroll down a bit until you see CSR. Copy (Ctrl+C) from and to:

-----BEGIN CERTIFICATE REQUEST-----
blah blah blah
blah blah blah
-----END CERTIFICATE REQUEST-----

Go back to the GoDaddy Certificate Setup page and paste (Ctrl+V) into the textarea box and click on Next. Just as insurance, if you’re not the main contact on for the SSL certificate, you’re gonna want to set up an email address that you can access like admin@domainname.com or hostmaster@domainname.com; whichever works.

godaddy-certificate-setup

Screenshot 2016-02-04 14.37.34

After pasting the CSR, click on Submit. If you got the Premium, you’re going to need to fill in more company info. Click on Finished.

Screenshot 2016-02-04 14.37.56

Now we wait until the status has been verified.

Installing the SSL Certificate

From here, I followed the instructions from Media Temple Community. I’ll jot down my exact process so you don’t have to jump back and forth from tabs. And if you find the article on GoDaddy’s website titled: INSTALLING AN SSL CERTIFICATE IN PARALLELS PLESK PANEL – avoid it. It’s more confusing after reading it.

If you’ve ordered the Premium version, verification takes much longer than setting up the Standard version. The Premium version requires you to send GoDaddy business information to verify that your business is legit and for reals. The total time to get that done is somewhere in the 2-3 week zone.

Once you get an email from GoDaddy verifying you, click on the link and you’ll get shot over to this page:

Screenshot 2016-02-05 15.29.55

I’m on Apache; you can choose whichever your website is hosted on. Select the Server type and download the zip. You’ll have 2 files in the zip file. One is the Certificate and the other is the CA Certificate. The one named ‘gd_bundle-g2-g1.crt‘ is the CA Certificate.

You have two options. Upload the files to Plesk or open them up in TextEdit or Notepad and paste them into the textarea boxes. Whichever works just fine.

Screenshot 2016-02-05 15.35.12

Send those files over into Plesk and you have just 2 more steps!

Go back to ‘Website & Domains‘ and click on ‘Hosting Settings‘.

plesk-hosting-settings

Check the box for ‘SSL support‘ and select from the drop-down menu the SSL Certificate you just added.

dropdown-SSL-Support

Scroll down a bit and click on OK.

Screenshot 2016-02-05 15.49.55Last and final step, restart Plesk. It can be found on the left sidebar under ‘Server Management‘, then ‘Tools and Settings‘. Find the link ‘Restart Server‘. Click it and voila! Look at the beautiful glowing green lock!

If you continue to have issues with getting the Green Lock to display; either it looks like https or the https is greyed out, head over to Why No Padlock and debug your site for any calls to a http object or something.

https://www.eatsleepwork.com

Additional Reading

  1. How To Protect your Server Against the POODLE SSLv3 Vulnerability

  2. SSL v3 goes to the dogs – POODLE kills off protocol

    https://scotthelme.co.uk/sslv3-goes-to-the-dogs-poodle-kills-off-protocol/

  3. https://blog.nraboy.com/2014/12/force-https-pages-wordpress-site/

Leave a Reply

Image Gallery