Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
litespeed_wiki:config:letsencrypt-ssl [2018/09/04 18:21] Eric Leu [Simple Browser check] |
litespeed_wiki:config:letsencrypt-ssl [2018/09/04 19:14] Lisa Clarke Proofreading |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Setup SSL with Let's Encrypt ====== | ====== Setup SSL with Let's Encrypt ====== | ||
- | [[https://letsencrypt.org/ | Let's Encrypt]] is designed to provide free, automated, and open security certificate authority (CA) for everyone. It enables website owners to get security certificates within minutes. This means everyone gets a safer web experience. | + | [[https://letsencrypt.org/ | Let's Encrypt]] is a Certificate Authority (CA) that provides free, automated, and open security certificates. It enables website owners to get security certificates within minutes, and leads to a safer web experience for everyone. |
- | ===== Apply SSL via Let's Encrypt ===== | + | ===== Apply for SSL via Let's Encrypt ===== |
- | - You may want to apply for your valid domain and point to your server first. | + | **Note**: You may want to get your valid domain and server set up before applying for your certificate. |
- | - Visit https://certbot.eff.org/ and choose your system for certbot command. | + | |
- | - We use CentOS7 as example. <code> | + | - Visit [[https://certbot.eff.org/ | certbot]] (a Let's Encrypt client). Choose ''None of the above'' for **Software** and choose your OS for **System**. We will use ''CentOS/RHEL 7'' as example. |
+ | - Certbot will bring up some instructions specific to your OS. For CentOS7 we will run the following commands:<code> | ||
yum install certbot | yum install certbot | ||
certbot certonly </code> | certbot certonly </code> | ||
- | - Then start entering your email, domain and valid web root, e.g. /usr/local/lsws/DEFAULT/html/ | + | - Enter your email, domain and valid web root, e.g. ''/usr/local/lsws/DEFAULT/html/'', when prompted |
- | - Then you should see Congratulations! if cert apply success. | + | - If your application is a success, you should see "Congratulations!" |
- | - Verify cert file exist \\ <code>ll /etc/letsencrypt/YOUR_DOMAIN/</code> | + | - Verify your certificate files exist: <code>ll /etc/letsencrypt/YOUR_DOMAIN/</code> You should see the following files:<code> |
* cert.pem | * cert.pem | ||
* chain.pem | * chain.pem | ||
* fullchain.pem | * fullchain.pem | ||
- | * privkey.pem | + | * privkey.pem</code> |
===== Setup SSL on LSWS===== | ===== Setup SSL on LSWS===== | ||
- | Access LiteSpeed Web Server **Web admin -> Configuration -> Listeners -> SSL** | + | Access LiteSpeed Web Server **Web Admin -> Configuration -> Listeners -> SSL** |
==== Method 1 with fullchain==== | ==== Method 1 with fullchain==== | ||
Line 36: | Line 37: | ||
* **CA Certificate File**: ''/etc/letsencrypt/live/Your_Domain/chain.pem'' | * **CA Certificate File**: ''/etc/letsencrypt/live/Your_Domain/chain.pem'' | ||
- | + | ===== Verify SSL is Working ===== | |
- | ===== How to verify SSL===== | + | ==== Online SSL Testing Tool==== |
- | ==== Online SSL testing tool==== | + | Use [[https://www.ssllabs.com/ssltest/|ssllabs]]'s testing tool. |
- | [[https://www.ssllabs.com/ssltest/|ssllabs]] | + | |
{{:litespeed_wiki:config:ssl-1.png?700|}} | {{:litespeed_wiki:config:ssl-1.png?700|}} | ||
- | ====Simple Browser check==== | + | ====Simple Browser Check==== |
- | If cert valid, you will see **Secure** in green color | + | If the certificate is valid, you will see **🔒 Secure** in green. |
{{:litespeed_wiki:config:ssl-2.png?300|}} | {{:litespeed_wiki:config:ssl-2.png?300|}} | ||
- | You can also click it to view Connection status | + | You can also click the padlock to view the connection status. |
{{:litespeed_wiki:config:ssl-3.png?400|}} | {{:litespeed_wiki:config:ssl-3.png?400|}} | ||