Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
|
litespeed_wiki:config:admin-ssl [2017/10/23 21:42] Johathan Kagan [All Versions] |
litespeed_wiki:config:admin-ssl [2017/10/24 12:43] Lisa Clarke [LSWS 5.2+] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== How To Configure SSL For LSWS Web Admin GUI ====== | ====== How To Configure SSL For LSWS Web Admin GUI ====== | ||
| - | As of LiteSpeed Web Server v5.2, self-signed SSL certificates are automatically created for the Web Admin GUI. This wiki can help if an older version of LSWS is being used, a different self-signed certificate is wanted, or a non-self-signed certificate is needed. | + | **As of LiteSpeed Web Server v5.2, self-signed SSL certificates are automatically created for the Web Admin GUI.** |
| + | |||
| + | The following instructions are useful if an older version of LSWS is being used, a different self-signed certificate is wanted, or a non-self-signed certificate is needed. | ||
| ===== Install/Change Certificates ===== | ===== Install/Change Certificates ===== | ||
| ==== LSWS 5.2+ ==== | ==== LSWS 5.2+ ==== | ||
| LSWS reads the following files for its WebAdmin SSL configuration: | LSWS reads the following files for its WebAdmin SSL configuration: | ||
| - | * Certificate File | + | * Certificate File: ''/usr/local/lsws/admin/conf/cert/admin.crt'' |
| - | * /usr/local/lsws/admin/conf/cert/admin.crt | + | * Key File: ''/usr/local/lsws/admin/conf/cert/admin.key'' |
| - | * Key File | + | * CABundle: ''/usr/local/lsws/admin/conf/cert/admin.cabundle'' |
| - | * /usr/local/lsws/admin/conf/cert/admin.key | + | |
| - | * CABundle | + | |
| - | * /usr/local/lsws/admin/conf/cert/admin.cabundle | + | |
| This configuration can be changed at any time by replacing these files directly.\\ | This configuration can be changed at any time by replacing these files directly.\\ | ||
| - | Make sure these files are owned by lsadm:lsadm. This can be achieved by running the following command: | + | Make sure the files are owned by ''lsadm:lsadm''. This can be achieved by running the following command: |
| <code> | <code> | ||
| - | chown -R lsadm:lsadm /usr/local/lsws/admin/conf/cert/*'' | + | chown -R lsadm:lsadm /usr/local/lsws/admin/conf/cert/* |
| </code> | </code> | ||
| - | Perform a graceful restart after making any changes to have them applied. The Web Admin GUI should now be using the supplied certificate. | + | Perform a graceful restart after making any changes. The changes will be applied, and Web Admin GUI will begin using the newly-supplied certificate. |
| ==== All Versions ==== | ==== All Versions ==== | ||
| The following will work for all versions of LSWS via the Web Admin GUI. | The following will work for all versions of LSWS via the Web Admin GUI. | ||
| - Log in to the Web Admin GUI and navigate to Web Console -> Listeners. | - Log in to the Web Admin GUI and navigate to Web Console -> Listeners. | ||
| - | - Click View/Edit for the adminListener\\ {{ :litespeed_wiki:config:admin-ssl-1.png?nolink&800 |}} | + | - Click View/Edit for the adminListener\\ \\ {{ :litespeed_wiki:config:admin-ssl-1.png?nolink&800 |}} |
| - | - In the General tab, click edit and change Secure from No ->Yes. Then hit save.\\ {{ :litespeed_wiki:config:admin-ssl-3.png?nolink&800 |}} | + | - In the General tab, click edit and change Secure from No ->Yes. Then hit save.\\ \\ {{ :litespeed_wiki:config:admin-ssl-3.png?nolink&800 |}} \\ |
| - Click on the SSL tab, hit edit under the SSL Private Key & Certificate section, and add the following: | - Click on the SSL tab, hit edit under the SSL Private Key & Certificate section, and add the following: | ||
| - | * Private Key File: </path/to/ssl/key_file> | + | * **Private Key File:** ''</path/to/ssl/key_file>'' |
| - | * Certificate File: </path/to/ssl/cert_file> | + | * **Certificate File:** ''</path/to/ssl/cert_file>'' |
| - | * Chained Certificate: Yes | + | * **Chained Certificate:** Yes |
| - | * CA Certificate File: </path/to/ssl/ca_bundle>\\ \\ **Note:** Make sure that these files can be read by lsadm. If not, run chown lsadm:ladm on each file so that the Web Admin GUI can read these files. \\ {{ :litespeed_wiki:config:admin-ssl-4.png?nolink&800 |}} | + | * **CA Certificate File:** ''</path/to/ssl/ca_bundle>''\\ \\ **Note:** Make sure that these files can be read by lsadm. If not, run chown lsadm:ladm on each file so that the Web Admin GUI can read these files. \\ \\ {{ :litespeed_wiki:config:admin-ssl-4.png?nolink&800 |}} \\ |
| - | - Save and perform a graceful restart of the web server. The Web Admin GUI should now be using the non-self-signed certificate. | + | - Save and perform a graceful restart of the web server. The Web Admin GUI should now be using the non-self-signed certificate.\\ \\ {{ :litespeed_wiki:config:brotli:brotli-5.png?nolink&800 |}} \\ {{ :litespeed_wiki:config:brotli:brotli-6.png?nolink&800 |}} |