Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
litespeed_wiki:config:letsencrypt-ssl [2018/09/04 18:20]
Eric Leu [Simple Browser check]
litespeed_wiki:config:letsencrypt-ssl [2022/09/30 23:50] (current)
qtwrk
Line 1: Line 1:
 ====== Setup SSL with Let's Encrypt ====== ====== Setup SSL with Let's Encrypt ======
-[[https://​letsencrypt.org/​ | Let's Encrypt]] is designed to provide ​free, automated, and open security ​certificate authority (CA) for everyone. It enables website owners to get security certificates within minutes. This means everyone gets a safer web experience. +[[https://​letsencrypt.org/​ | Let's Encrypt]] is a Certificate Authority (CA) that provides ​free, automated, and open security ​certificates. It enables website owners to get security certificates within minutes, and leads to a safer web experience ​for everyone
-===== Apply SSL via Let's Encrypt ===== +===== Apply for SSL via Let's Encrypt ===== 
-  ​- ​You may want to apply for your valid domain and point to your server ​first+**Note**: ​You may want to get your valid domain and server ​set up before applying for your certificate. 
-  - Visit https://​certbot.eff.org/​ and choose your system ​for certbot command. + 
-  - We use CentOS7 ​as example. <​code>​+  - Visit [[https://​certbot.eff.org/ ​| certbot]] (a Let's Encrypt client). Choose ''​None of the above''​ for **Software** ​and choose your OS for **System**. We will use ''​CentOS/​RHEL 7'' ​as example. ​ 
 +  - Certbot will bring up some instructions specific to your OS. For CentOS7 we will run the following commands:<​code>​
 yum install certbot yum install certbot
 certbot certonly </​code>​ certbot certonly </​code>​
-  - Then start entering ​your email, domain and valid web root, e.g. /​usr/​local/​lsws/​DEFAULT/​html/​ +  - Enter your email, domain and valid web root, e.g. ''​/​usr/​local/​lsws/​DEFAULT/​html/​'',​ when prompted 
-  - Then you should see Congratulations! ​if cert apply success. +  - If your application is a success, ​you should see "Congratulations!" 
-  - Verify ​cert file exist \\ <​code>​ll /​etc/​letsencrypt/​YOUR_DOMAIN/</​code>​+  - Verify ​your certificate files exist<​code>​ll /​etc/​letsencrypt/​YOUR_DOMAIN/</​code> You should see the following files:<code>
     * cert.pem     * cert.pem
     * chain.pem     * chain.pem
     * fullchain.pem     * fullchain.pem
-    * privkey.pem+    * privkey.pem</​code>​
  
 ===== Setup SSL on LSWS===== ===== Setup SSL on LSWS=====
-Access LiteSpeed Web Server **Web admin -> Configuration -> Listeners -> SSL**+Access LiteSpeed Web Server **Web Admin -> Configuration -> Listeners -> SSL**
  
 ==== Method 1 with fullchain==== ==== Method 1 with fullchain====
Line 22: Line 23:
  
   * **Private Key File**: ''/​etc/​letsencrypt/​live/​Your_Domain/​privkey.pem''​   * **Private Key File**: ''/​etc/​letsencrypt/​live/​Your_Domain/​privkey.pem''​
-  * **Certificate File**: ''/​etc/​letsencrypt/​live/​Your_Domain/​fullchaim.pem''​+  * **Certificate File**: ''/​etc/​letsencrypt/​live/​Your_Domain/​fullchain.pem''​
   * **Chained Certificate**:​ ''​Yes''​   * **Chained Certificate**:​ ''​Yes''​
   * **CA Certificate Path**: ​   * **CA Certificate Path**: ​
Line 33: Line 34:
   * **Certificate File**: ''/​etc/​letsencrypt/​live/​Your_Domain/​cert.pem''​   * **Certificate File**: ''/​etc/​letsencrypt/​live/​Your_Domain/​cert.pem''​
   * **Chained Certificate**:​ ''​No''​   * **Chained Certificate**:​ ''​No''​
-  * **CA Certificate Path: +  * **CA Certificate Path**
   * **CA Certificate File**: ''/​etc/​letsencrypt/​live/​Your_Domain/​chain.pem''​   * **CA Certificate File**: ''/​etc/​letsencrypt/​live/​Your_Domain/​chain.pem''​
  
- +===== Verify ​SSL is Working ​===== 
-===== How to verify ​SSL===== +==== Online SSL Testing Tool==== 
-==== Online SSL testing tool==== +Use [[https://​www.ssllabs.com/​ssltest/​|ssllabs]]'s testing tool.
-[[https://​www.ssllabs.com/​ssltest/​|ssllabs]]+
  
 {{:​litespeed_wiki:​config:​ssl-1.png?​700|}} {{:​litespeed_wiki:​config:​ssl-1.png?​700|}}
  
-====Simple Browser ​check==== +====Simple Browser ​Check==== 
-If cert valid, you will see **Secure** in green color +If the certificate is valid, you will see **🔒 Secure** in green.
  
 {{:​litespeed_wiki:​config:​ssl-2.png?​300|}} {{:​litespeed_wiki:​config:​ssl-2.png?​300|}}
  
-You can also click it to view Connection ​status+You can also click the padlock ​to view the connection ​status.
  
-{{:​litespeed_wiki:​config:​ssl-3.png?​500|}}+{{:​litespeed_wiki:​config:​ssl-3.png?​400|}}
  
  • Admin
  • Last modified: 2018/09/04 18:20
  • by Eric Leu