How to Set Up an SSL Certificate for a Rackspace Cloud Website (Step-by-Step)

Here at PaperStreet, we setup an abundance of SSL certificates for our clients. We thought it would be worthwhile to share our process to help those who might need directions on how to accomplish this setup. Please see below for our detailed instructions on how to fully transition your website from HTTP to HTTPS with an SSL certificate. Note: these instructions specifically reference GoDaddy and the Rackspace Cloud hosting platforms.

ssl-setup-instructions

SSL Installation Instructions

  1. Purchase a standard SSL certificate (we recommend using GoDaddy)
    1. Find the new SSL certificate within GoDaddy and click “Set Up”
    2. Generate a CSR code from Rackspace
  2. Login to your Rackspace account
    1. Find and click on your website domain
    2. Click on the “Security” tab
    3. Click on “Install SSL Certificate”
    4. Click on “Start New Certificate”
    5. Fill out the necessary information
    6. Copy the CSR code from Rackspace
  3. Go over to GoDaddy and paste in the CSR code from Rackspace
    1. Uncheck “Contacts listed in the domain’s public WHOIS database record”
    2. Uncheck “Email addresses: admin@[domain], administrator@[domain], hostmaster@[domain], postmaster@[domain], and webmaster@[domain]”
  4. Wait for verification of domain ownership (the page will keep automatically refreshing)
  5. Download the HTML file and upload it to your website root
  6. Click “Check My Update” in GoDaddy and it should verify
  7. Click on “Download” once fully verified
    1. Select your server type and click “Download Zip File”
      1. We selected “Apache”
  8. Enter the CSR codes into Rackspace (you are now done with GoDaddy)
  9. Go back to Rackspace click “Enter the certificate file”
  10. Add the first .CRT file to the top field (certificate)
  11. Add the second .CRT file to the last field (intermediate certificate)
    1. Click ‘Next Step’ and finish

Next Steps

  1. If done correctly, you should see this message: “The request was successfully performed. It may take a few seconds to be completed.”
  2. It will take some time (up to an hour), but on the General Settings tab, the IP address should eventually change to the new one.
  3. If the nameservers are NOT pointed at Rackspace, you will need to login to the registrar and update the a-record to match the new IP address for this all to work.
  4. Otherwise, if the nameservers are pointed at Rackspace, the a-record updates automatically.
  5. Once the DNS a-record has been updated, this will allow you to view the site with both HTTP and HTTPS. We like to do a sneak preview using HTTPS to see what is going to need to be updated (it’s typically the JavaScript and CSS paths, they can’t include “HTTP://” and should just be “//”.
  6. Typically, these are the files that need to be updated, but be sure to look for others. It’s okay to have regular HTTP links on the page (like to a social media account), but when you are making file calls to JavaScript and CSS, they cannot contain an absolute URL with “HTTP,” or else they won’t work.
  7. Here are some typical types of files that you will need to update and remove the HTTP:
    1. http://maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css
    2. http://fonts.googleapis.com/css?family=Droid+Serif:400,700,400italic
    3. http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
  8. Then do a manual check on the HTTPS version of the website and make sure everything is working properly. Then add the redirect to your .htaccess file to force HTTP to redirect to HTTPS (first code below) and update the other redirects listed below accordingly (second and third code).

    #Redirect Non-WWW to WWW with SSL
    RewriteCond %{ENV:HTTPS} !on [NC]
    RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [NC,R=301,L]

    #Redirect Non-WWW to WWW
    RewriteCond %{HTTP_HOST} ^yourdomain.com [NC]
    RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R=301,L]

    #Redirect alternative domains
    RewriteCond %{HTTP_HOST} ^yourdomain.com.php53-13.dfw1-1.websitetestlink.com$ [NC,OR]
    RewriteCond %{HTTP_HOST} ^www.yourdomain.com.php53-13.dfw1-1.websitetestlink.com$ [NC]
    RewriteRule (.*) https://www.yourdomain.com/$1 [R=301,L]

  9. Once the .htaccess redirects have been updated and applied, test, test and test again. Make sure that the HTTP WWW and HTTP non-WWW (and any other alternative domain names) redirect to HTTPS.
  10. Next, you’ll need to update your XML sitemap to include the new HTTPS URLs. We’d recommend using Screaming Frog to generate the XML sitemap, since most free online tools won’t process HTTPS URLs.
  11. Create two additional Google Search Console properties for HTTPS WWW and HTTPS Non-WWW. Make sure to submit the new XML sitemap to the HTTPS WWW version (or whichever is dominant).
  12. Re-sync the Google Search Console (WWW HTTPS version) with your Google Analytics account.
  13. Within Google Search Console; copy any existing disavow files and transfer to the main HTTPS property
  14. Within Google Search Console; run a “Fetch as Google” tool for HTTPS property
  15. Under Google Analytics click on Admin, then Property Settings and View settings, change the HTTP to HTTPS for Website’s URL.
  16. If you are running a PPC or AdWords campaign, the destination URL will also need to be updated.

Questions or Feedback?

We would love to hear your feedback if this blog post has helped you. Please feel free to let us know in the comments below.

If you need any assistance applying an SSL certificate to your website, we are here to help. Please feel free to contact us if you need assistance.

Related Articles in Coding,

PaperStreet: Our Services & Portfolio


Leave a Reply

Your email address will not be published. Required fields are marked *

*