Skip to content

Set up SSL with Let's Encrypt

Let's Encrypt is a Certificate Authority (CA) that provides free, automated, and open security certificates. It enables website owners to get security certificates within minutes, and leads to a safer web experience for everyone.

Apply for SSL via Let's Encrypt

Note

You may want to get your valid domain and server set up before applying for your certificate.

  1. Visit certbot (a Let's Encrypt client). Choose None of the above for Software and choose your OS for System. We will use CentOS/RHEL 7 as an example.
  2. Certbot will bring up some instructions specific to your OS. For CentOS7 we will run the following commands:
    yum install certbot
    certbot certonly
    
  3. Enter your email, domain and valid web root, e.g. /usr/local/lsws/DEFAULT/html/.
  4. If your application is a success, you should see Congratulations!
  5. Verify your certificate files exist: ll /etc/letsencrypt/YOUR_DOMAIN/
  6. You should see the following files:
    • cert.pem
    • chain.pem
    • fullchain.pem
    • privkey.pem

Set up SSL on LSWS

Navigate to LiteSpeed Web Server Web Admin > Configuration > Listeners > SSL

There are two methods you can choose from: with fullchain, and without.

With fullchain

  • Private Key File: /etc/letsencrypt/live/Your_Domain/privkey.pem
  • Certificate File: /etc/letsencrypt/live/Your_Domain/fullchain.pem
  • Chained Certificate: Yes
  • CA Certificate Path:
  • CA Certificate File:

Without fullchain

  • Private Key File: /etc/letsencrypt/live/Your_Domain/privkey.pem
  • Certificate File: /etc/letsencrypt/live/Your_Domain/cert.pem
  • Chained Certificate: No
  • CA Certificate Path:
  • CA Certificate File: /etc/letsencrypt/live/Your_Domain/chain.pem

Verify SSL is Working

Online SSL Testing Tool

Use ssllabs's testing tool.

Simple Browser Check

The exact mechanism depends on your browser, but you should be able to click an icon next to the URL to get site information, including connection security.

You can usually also click on the padlock or similar icon to get more information about the connection.