Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
litespeed_wiki:config:admin-ssl [2017/10/23 21:22] Johathan Kagan [LSWS 5.2+] |
litespeed_wiki:config:admin-ssl [2017/10/24 12:49] Lisa Clarke [All Versions] |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== How To Configure SSL For LSWS Web Admin GUI ====== | ====== How To Configure SSL For LSWS Web Admin GUI ====== | ||
- | As of LiteSpeed Web Server v5.2, self-signed SSL certificates are automatically created for the Web Admin GUI. This wiki can help if an older version of LSWS is being used, a different self-signed certificate is wanted, or a non-self-signed certificate is needed. | + | **As of LiteSpeed Web Server v5.2, self-signed SSL certificates are automatically created for the Web Admin GUI.** |
+ | |||
+ | The following instructions are useful if an older version of LSWS is being used, a different self-signed certificate is wanted, or a non-self-signed certificate is needed. | ||
===== Install/Change Certificates ===== | ===== Install/Change Certificates ===== | ||
==== LSWS 5.2+ ==== | ==== LSWS 5.2+ ==== | ||
LSWS reads the following files for its WebAdmin SSL configuration: | LSWS reads the following files for its WebAdmin SSL configuration: | ||
- | * Certificate File | + | * Certificate File: ''/usr/local/lsws/admin/conf/cert/admin.crt'' |
- | * /usr/local/lsws/admin/conf/cert/admin.crt | + | * Key File: ''/usr/local/lsws/admin/conf/cert/admin.key'' |
- | * Key File | + | * CABundle: ''/usr/local/lsws/admin/conf/cert/admin.cabundle'' |
- | * /usr/local/lsws/admin/conf/cert/admin.key | + | |
- | * CABundle | + | |
- | * /usr/local/lsws/admin/conf/cert/admin.cabundle | + | |
This configuration can be changed at any time by replacing these files directly.\\ | This configuration can be changed at any time by replacing these files directly.\\ | ||
- | Make sure these files are owned by lsadm:lsadm. This can be achieved by running the following command: | + | Make sure the files are owned by ''lsadm:lsadm''. This can be achieved by running the following command: |
<code> | <code> | ||
- | chown -R lsadm:lsadm /usr/local/lsws/admin/conf/cert/*'' | + | chown -R lsadm:lsadm /usr/local/lsws/admin/conf/cert/* |
</code> | </code> | ||
- | Perform a graceful restart after making any changes to have them applied. The Web Admin GUI should now be using the supplied certificate. | + | Perform a graceful restart after making any changes. The changes will be applied, and Web Admin GUI will begin using the newly-supplied certificate. |
==== All Versions ==== | ==== All Versions ==== | ||
- | - The following will work for all versions of LSWS via the Web Admin GUI. | + | The following will work for all versions of LSWS via the Web Admin GUI. |
- | - Log in to the Web Admin GUI and navigate to Web Console -> Listeners. | + | - Log in to the Web Admin GUI and navigate to **Web Console > Listeners**. |
- | - Click View/Edit for the adminListener | + | - Click **View/Edit** for the ''adminListener''\\ \\ {{ :litespeed_wiki:config:admin-ssl-1.png?nolink&800 |}} |
- | - In the General tab, click edit and change Secure from No ->Yes. Then hit save. | + | - In the **General** tab, click **Edit** and change **Secure** from ''No'' to ''Yes''. Then hit **Save**.\\ \\ {{ :litespeed_wiki:config:admin-ssl-3.png?nolink&800 |}} \\ |
- | - Click on the SSL tab, hit edit under the SSL Private Key & Certificate section, and add the following: | + | - Click on the **SSL** tab, hit **Edit** under the **SSL Private Key & Certificate** section, and add the following: |
- | * Private Key File: </path/to/ssl/key_file> | + | * **Private Key File:** ''</path/to/ssl/key_file>'' |
- | * Certificate File: </path/to/ssl/cert_file> | + | * **Certificate File:** ''</path/to/ssl/cert_file>'' |
- | * Chained Certificate: Yes | + | * **Chained Certificate:** ''Yes'' |
- | * CA Certificate File: </path/to/ssl/ca_bundle> | + | * **CA Certificate File:** ''</path/to/ssl/ca_bundle>''\\ \\ **Note:** Make sure that these files can be read by ''lsadm''. If not, run ''chown lsadm:lsadm'' on each file so that the Web Admin GUI can read these files. \\ \\ {{ :litespeed_wiki:config:admin-ssl-4.png?nolink&800 |}} \\ |
- | * **Note:** Make sure that these files can be read by lsadm. If not, run chown lsadm:ladm on each file so that the Web Admin GUI can read these files. | + | - Save and perform a Graceful Restart of the web server. The Web Admin GUI should now be using the non-self-signed certificate.\\ \\ {{ :litespeed_wiki:config:brotli:brotli-5.png?nolink&800 |}} \\ {{ :litespeed_wiki:config:brotli:brotli-6.png?nolink&800 |}} |
- | - Save and perform a graceful restart of the web server. The Web Admin GUI should now be using the non-self-signed certificate. | + | |