Help:SSL Setup

From OpenLiteSpeed
Jump to: navigation, search

To set up SSL, one needs to create a private key and get an SSL certificate from a certificate issuer. This article assumes that your private key and certificate are already ready so we can focus on configuring the OpenLitespeed side.

Create an SSL listener

WebAdmin console => Listeners => Add button


SSL SETUP1.png


The most important steps here are going to be setting Secure to "Yes" and making sure to set the listener to the right IP and port. You can generally set all listeners (secure and non-secure) to listen on all IPs, as traffic will be distributed by virtual host mappings (shown in section 3 below). The exception to this is if you want to bind a listener to a particular CPU. This requires a unique IP-port combination for this listener. Most HTTPS is done on port 443 by default, though, in this example, we chose port 8443 so as not to conflict with other listeners we already had set up.

Lastly, click the Save button.


SSL SETUP2.png

Specify your private key and certificate files for the SSL listener

First, go to the WebAdmin console => Listeners => Your Listener Name (since in this example, we named our listener SSL, we click SSL).


SSL SETUP3.png


Next, click the SSL tab and then the Edit button for the SSL Private Key & Certificate section.


SSL SETUP4.png


In the SSL tab, you will need to direct secure listeners to the private key and SSL certificate files you have created/obtained for HTTPS. Then click the Save button.


SSL SETUP5.png


Next, click the Edit button for the SSL Protocol section.


SSL SETUP6.png


Match your settings to the ones pictured below and click the Save button.


SSL SETUP7.png


Lastly, gracefully restart your server by clicking the Graceful Restart button.


SSL SETUP8.png


Map virtual hosts to the SSL listener

Again, go to the WebAdmin console => Listeners => Your Listener Name (since in this example, we named our listener SSL, again we click SSL).


SSL SETUP9.png


For new listeners, you need to map the virtual hosts that they will be listening for. These settings are found under the General tab. Click the Add button for the Virtual Host Mappings section.


SSL SETUP10.png


Generally, you will want to specify the domain(s) that connect to your vhost(s) here. This will tell OpenLiteSpeed where to send traffic this listener picks up. If you have only one vhost for your server or your listener is configured so as to rule out other vhosts (you have stipulated an IP or port that only one vhost uses, for example), you can use the catchall * as the domain. (On our sample machine, we have only one virtual host, so we've used *.)


SSL SETUP11.png


Lastly, gracefully restart your server by pressing the Graceful Restart button.


SSL SETUP12.png

Test

We point our browser to https://localhost:8443/phpinfo.php. Note the https at the beginning of the URL indicating a secure connection.


SSL-browser.png


SSL Setup Guides in Other Language

Indonesian

Mengaktifkan HTTPS di OpenLiteSpeed

How to setup SSL in OpenLiteSpeed using WoSign Free SSL Certificates.