Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
litespeed_wiki:config:admin-ssl [2017/10/23 21:45]
Johathan Kagan [LSWS 5.2+]
litespeed_wiki:config:admin-ssl [2017/10/24 12:49]
Lisa Clarke [All Versions]
Line 1: Line 1:
 ====== How To Configure SSL For LSWS Web Admin GUI ====== ====== How To Configure SSL For LSWS Web Admin GUI ======
-As of LiteSpeed Web Server v5.2, self-signed SSL certificates are automatically created for the Web Admin GUI. This wiki can help if an older version of LSWS is being used, a different self-signed certificate is wanted, or a non-self-signed certificate is needed.+**As of LiteSpeed Web Server v5.2, self-signed SSL certificates are automatically created for the Web Admin GUI.**  
 + 
 +The following instructions are useful ​if an older version of LSWS is being used, a different self-signed certificate is wanted, or a non-self-signed certificate is needed.
  
 ===== Install/​Change Certificates ===== ===== Install/​Change Certificates =====
 ==== LSWS 5.2+ ==== ==== LSWS 5.2+ ====
 LSWS reads the following files for its WebAdmin SSL configuration:​ LSWS reads the following files for its WebAdmin SSL configuration:​
-  * Certificate File +  * Certificate File: ''​/​usr/​local/​lsws/​admin/​conf/​cert/​admin.crt''​ 
-    * /​usr/​local/​lsws/​admin/​conf/​cert/​admin.crt +  * Key File: ''​/​usr/​local/​lsws/​admin/​conf/​cert/​admin.key''​ 
-  * Key File +  * CABundle: ''​/​usr/​local/​lsws/​admin/​conf/​cert/​admin.cabundle''​ 
-    * /​usr/​local/​lsws/​admin/​conf/​cert/​admin.key +
-  * CABundle +
-    * /​usr/​local/​lsws/​admin/​conf/​cert/​admin.cabundle+
 This configuration can be changed at any time by replacing these files directly.\\ This configuration can be changed at any time by replacing these files directly.\\
-Make sure these files are owned by lsadm:​lsadm. This can be achieved by running the following command:+Make sure the files are owned by ''​lsadm:lsadm''​. This can be achieved by running the following command:
 <​code>​ <​code>​
 chown -R lsadm:lsadm /​usr/​local/​lsws/​admin/​conf/​cert/​* chown -R lsadm:lsadm /​usr/​local/​lsws/​admin/​conf/​cert/​*
 </​code>​ </​code>​
-Perform a graceful restart after making any changes ​to have them applied. The Web Admin GUI should now be using the supplied certificate. ​+Perform a graceful restart after making any changes. The changes will be applied, and Web Admin GUI will begin using the newly-supplied certificate. ​
  
 ==== All Versions ==== ==== All Versions ====
 The following will work for all versions of LSWS via the Web Admin GUI. The following will work for all versions of LSWS via the Web Admin GUI.
-  - Log in to the Web Admin GUI and navigate to Web Console ​-> Listeners. +  - Log in to the Web Admin GUI and navigate to **Web Console > Listeners**
-  - Click View/Edit for the adminListener\\ {{ :​litespeed_wiki:​config:​admin-ssl-1.png?​nolink&​800 |}} +  - Click **View/Edit** for the ''​adminListener''​\\ ​\\ {{ :​litespeed_wiki:​config:​admin-ssl-1.png?​nolink&​800 |}} 
-  - In the General tab, click edit and change Secure from No ->Yes. Then hit save.\\ {{ :​litespeed_wiki:​config:​admin-ssl-3.png?​nolink&​800 |}} +  - In the **General** tab, click **Edit** ​and change ​**Secure** from ''​No''​ to ''​Yes''​. Then hit **Save**.\\ \\ {{ :​litespeed_wiki:​config:​admin-ssl-3.png?​nolink&​800 |}} \\ 
-  - Click on the SSL tab, hit edit under the SSL Private Key & Certificate section, and add the following:​ +  - Click on the **SSL** tab, hit **Edit** ​under the **SSL Private Key & Certificate** section, and add the following:​ 
-    * Private Key File: </​path/​to/​ssl/​key_file>​ +    ​* **Private Key File:** ''​</​path/​to/​ssl/​key_file>​''​ 
-    * Certificate File: </​path/​to/​ssl/​cert_file>​ +    ​* **Certificate File:** ''​</​path/​to/​ssl/​cert_file>​''​ 
-    * Chained Certificate:​ Yes +    ​* **Chained Certificate:​** ''​Yes''​ 
-    * CA Certificate File: </​path/​to/​ssl/​ca_bundle>​\\ \\ **Note:** Make sure that these files can be read by lsadm. If not, run chown lsadm:ladm on each file so that the Web Admin GUI can read these files. \\ {{ :​litespeed_wiki:​config:​admin-ssl-4.png?​nolink&​800 |}} +    ​* **CA Certificate File:** ''​</​path/​to/​ssl/​ca_bundle>​''​\\ \\ **Note:** Make sure that these files can be read by ''​lsadm''​. If not, run ''​chown lsadm:lsadm'' ​on each file so that the Web Admin GUI can read these files. ​\\ \\ {{ :​litespeed_wiki:​config:​admin-ssl-4.png?​nolink&​800 |}} \\ 
-  - Save and perform ​ a graceful restart ​of the web server. The Web Admin GUI should now be using the non-self-signed certificate.\\ {{ :​litespeed_wiki:​config:​brotli:​brotli-5.png?​nolink&​800 |}} \\ {{ :​litespeed_wiki:​config:​brotli:​brotli-6.png?​nolink&​800 |}}+  - Save and perform ​ a Graceful Restart ​of the web server. The Web Admin GUI should now be using the non-self-signed certificate.\\ \\ {{ :​litespeed_wiki:​config:​brotli:​brotli-5.png?​nolink&​800 |}} \\ {{ :​litespeed_wiki:​config:​brotli:​brotli-6.png?​nolink&​800 |}}
  
  • Admin
  • Last modified: 2017/10/24 12:49
  • by Lisa Clarke