How to Install an SSL Certificate in LiteSpeed

Installing an SSL certificate on a LiteSpeed web server is necessary to secure your website and encrypt the data transferred between your server and users. While the process may seem difficult at first, it is straightforward. In this article, we will guide you through a step-by-step process for installing an SSL certificate on LiteSpeed.

Requirements -

1. Intermediate Certificates (CA Bundle)

2. Private Key

3. Server Certificate

Generate Certificate Signing Request ( CSR )

Follow these steps to create a CSR (Certificate Signing Request) on LiteSpeed using OpenSSL:

1. **Generate Your Private Key:
   **Run this command:

openssl genrsa -out server.key 2048

You can replace "server" with any name but keep the .key extension.

2. **Generate the CSR Code:
   **Run the following command:

openssl req -new -key server.key -out server.csr

Replace "server.key" with your private key name (if different).

3. **Enter Your Contact Details:
   **Fill up the required details:

Common Name (CN): Your domain (e.g., yoursite.com or *.yoursite.com for wildcard).

Organization (O): Full legal company name.

Organizational Unit (OU): Department name (e.g., IT).

City (L): Company’s city.

State (ST): Full state/province name.

Country (C): Two-letter country code (e.g., US).

4. Save and Use Your CSR:

The CSR is saved in the same directory as the command.

Open the .csr file with a text editor, copy the entire content (including BEGIN and END tags), and submit it when ordering your SSL certificate.

Steps to install an SSL certificate in Litespeed

1. Login to LiteSpeed WebAdmin

Open your web browser and navigate to:
https://your-server-ip:7080

• Enter your admin credentials to access the LiteSpeed WebAdmin console.

2. Add a New Listener

• In the WebAdmin console, go to Listeners → Click Add.

• Configure the following settings:

  • Listener Name: (e.g., HTTPS_Listener)

  • IP Address: ANY (or specify a dedicated IP if needed)

  • Port: 443 (default for HTTPS)

  • Secure: Yes

• Click on Save.

3. Assign SSL Certificate and Private Key

• Open the newly created listener and go to the SSL tab.

• Click Edit under SSL Private Key & Certificate.

• Enter the absolute file paths for the following:

  • Private Key File: /etc/ssl/private/your_private_key.pem

  • Certificate File: /etc/ssl/certs/your_certificate.pem

  • CA Certificate Path (if applicable): /etc/ssl/certs/your_ca_bundle.pem

• Ensure proper file permissions (e.g., chmod 600 for private key).

• Click Save.

4. Map Virtual Hosts to the Listener

• In the Listener settings, go to Virtual Host Mappings → Click Add.

• Select the relevant Virtual Host from the dropdown.

• Specify the associated domain(s) (e.g., example.com, www.example.com).

• Click Save.

5. Restart LiteSpeed to Apply Changes

• Navigate to the Dashboard.

• Click Graceful Restart to reload the configuration without downtime.

Once your SSL certificate is successfully installed on LiteSpeed, it's important to verify the setup.

If you are looking to install an SSL certificate on a Tomcat server, refer to this guide.

Verify Your SSL certificate

After installing the SSL certificate, verify that it is properly configured:

Test Using OpenSSL (Server-Side Check)

Run the following command on your server to check the certificate details:

openssl s_client -connect yourdomain.com:443 -servername yourdomain.com

Ensure the certificate chain is complete and no errors are reported.

Alternatively, you can use the SSL installation checker tool to verify the SSL certificate is correctly installed.

Conclusion

Securing your website with an SSL certificate on LiteSpeed is easy. The installation process is straightforward, even for non-technical users. Do you still Need help? Contact a professional or your hosting provider if you encounter any difficulties.