Setup SSL with Let's Encrypt
Let's Encrypt is a Certificate Authority (CA) that provides free, automated, and open security certificates. It enables website owners to get security certificates within minutes, and leads to a safer web experience for everyone.
Apply for SSL via Let's Encrypt
Note: You may want to get your valid domain and server set up before applying for your certificate.
- Visit certbot (a Let's Encrypt client). Choose
None of the above
for Software and choose your OS for System. We will useCentOS/RHEL 7
as example. - Certbot will bring up some instructions specific to your OS. For CentOS7 we will run the following commands:
yum install certbot certbot certonly
- Enter your email, domain and valid web root, e.g.
/usr/local/lsws/DEFAULT/html/
, when prompted - If your application is a success, you should see “Congratulations!”
- Verify your certificate files exist:
ll /etc/letsencrypt/YOUR_DOMAIN/
You should see the following files:
* cert.pem * chain.pem * fullchain.pem * privkey.pem
Setup SSL on LSWS
Access LiteSpeed Web Server Web Admin → Configuration → Listeners → SSL
Method 1 with fullchain
- Private Key File:
/etc/letsencrypt/live/Your_Domain/privkey.pem
- Certificate File:
/etc/letsencrypt/live/Your_Domain/fullchain.pem
- Chained Certificate:
Yes
- CA Certificate Path:
- CA Certificate File:
Method 2 without fullchain
- Private Key File:
/etc/letsencrypt/live/Your_Domain/privkey.pem
- Certificate File:
/etc/letsencrypt/live/Your_Domain/cert.pem
- Chained Certificate:
No
- CA Certificate Path:
- CA Certificate File:
/etc/letsencrypt/live/Your_Domain/chain.pem
Verify SSL is Working
Online SSL Testing Tool
Use ssllabs's testing tool.