Set up SSL with Let's Encrypt¶

Let's Encrypt is a Certificate Authority (CA) that provides free, automated, and open security certificates. It enables website owners to get security certificates within minutes, and leads to a safer web experience for everyone.

Apply for SSL via Let's Encrypt¶

1. Visit certbot (a Let's Encrypt client). Choose None of the above for Software and choose your OS for System. We will use CentOS/RHEL 7 as an example.
2. Certbot will bring up some instructions specific to your OS. For CentOS7 we will run the following commands:

   yum install certbot
   certbot certonly
   

3. Enter your email, domain and valid web root, e.g. /usr/local/lsws/DEFAULT/html/.
4. If your application is a success, you should see Congratulations!
5. Verify your certificate files exist: ll /etc/letsencrypt/YOUR_DOMAIN/
6. You should see the following files:
   • cert.pem
   • chain.pem
   • fullchain.pem
   • privkey.pem

Set up SSL on LSWS¶

Navigate to LiteSpeed Web Server Web Admin > Configuration > Listeners > SSL

There are two methods you can choose from: with fullchain, and without.

With fullchain¶

• Private Key File: /etc/letsencrypt/live/Your_Domain/privkey.pem
• Certificate File: /etc/letsencrypt/live/Your_Domain/fullchain.pem
• Chained Certificate: Yes
• CA Certificate Path:
• CA Certificate File:

Without fullchain¶

• Private Key File: /etc/letsencrypt/live/Your_Domain/privkey.pem
• Certificate File: /etc/letsencrypt/live/Your_Domain/cert.pem
• Chained Certificate: No
• CA Certificate Path:
• CA Certificate File: /etc/letsencrypt/live/Your_Domain/chain.pem

Verify SSL is Working¶

Online SSL Testing Tool¶

Use ssllabs's testing tool.

Simple Browser Check¶

The exact mechanism depends on your browser, but you should be able to click an icon next to the URL to get site information, including connection security.

You can usually also click on the padlock or similar icon to get more information about the connection.