Setup SSL with Let's Encrypt

Let's Encrypt is a Certificate Authority (CA) that provides free, automated, and open security certificates. It enables website owners to get security certificates within minutes, and leads to a safer web experience for everyone.

Note: You may want to get your valid domain and server set up before applying for your certificate.

1. Visit certbot (a Let's Encrypt client). Choose None of the above for Software and choose your OS for System. We will use CentOS/RHEL 7 as example.
2. Certbot will bring up some instructions specific to your OS. For CentOS7 we will run the following commands:

   yum install certbot
   certbot certonly 

3. Enter your email, domain and valid web root, e.g. /usr/local/lsws/DEFAULT/html/, when prompted
4. If your application is a success, you should see “Congratulations!”
5. Verify your certificate files exist:

   ll /etc/letsencrypt/YOUR_DOMAIN/

   You should see the following files:

       * cert.pem
       * chain.pem
       * fullchain.pem
       * privkey.pem

Access LiteSpeed Web Server Web Admin → Configuration → Listeners → SSL

• Private Key File: /etc/letsencrypt/live/Your_Domain/privkey.pem
• Certificate File: /etc/letsencrypt/live/Your_Domain/fullchain.pem
• Chained Certificate: Yes
• CA Certificate Path:
• CA Certificate File:

• Private Key File: /etc/letsencrypt/live/Your_Domain/privkey.pem
• Certificate File: /etc/letsencrypt/live/Your_Domain/cert.pem
• Chained Certificate: No
• CA Certificate Path:
• CA Certificate File: /etc/letsencrypt/live/Your_Domain/chain.pem

Use ssllabs's testing tool.

If the certificate is valid, you will see 🔒 Secure in green.

You can also click the padlock to view the connection status.