This is an old revision of the document!
How To Configure SSL For LSWS Web Admin GUI
As of LiteSpeed Web Server v5.2, self-signed SSL certificates are automatically created for the Web Admin GUI.
The following instructions are useful if an older version of LSWS is being used, a different self-signed certificate is wanted, or a non-self-signed certificate is needed.
Install/Change Certificates
LSWS 5.2+
LSWS reads the following files for its WebAdmin SSL configuration:
- Certificate File:
/usr/local/lsws/admin/conf/cert/admin.crt
- Key File:
/usr/local/lsws/admin/conf/cert/admin.key
- CABundle:
/usr/local/lsws/admin/conf/cert/admin.cabundle
This configuration can be changed at any time by replacing these files directly.
Make sure the files are owned by lsadm:lsadm
. This can be achieved by running the following command:
chown -R lsadm:lsadm /usr/local/lsws/admin/conf/cert/*
Perform a graceful restart after making any changes. The changes will be applied, and Web Admin GUI will begin using the newly-supplied certificate.
All Versions
The following will work for all versions of LSWS via the Web Admin GUI.
- Log in to the Web Admin GUI and navigate to Web Console → Listeners.
- Click View/Edit for the adminListener
- In the General tab, click edit and change Secure from No →Yes. Then hit save.
- Click on the SSL tab, hit edit under the SSL Private Key & Certificate section, and add the following:
- Private Key File:
</path/to/ssl/key_file>
- Certificate File:
</path/to/ssl/cert_file>
- Chained Certificate: Yes
- CA Certificate File:
</path/to/ssl/ca_bundle>
Note: Make sure that these files can be read by lsadm. If not, run chown lsadm:ladm on each file so that the Web Admin GUI can read these files.
- Save and perform a graceful restart of the web server. The Web Admin GUI should now be using the non-self-signed certificate.