How to Install SSL/TLS Certificate In LiteSpeed?

Welcome to web hosting with LiteSpeed! This guide will explore how to use SSL/TLS protection. Our tutorial will also help a seasoned webmaster seeking a hassle-free installation process or a curious enthusiast eager to safeguard their digital domain.

Our mission is two-fold: first, we’ll navigate through the seamless steps of installing an SSL/TLS certificate on LiteSpeed. Fear not, for we shall make this journey as smooth as a glistening river on a summer’s day.

And second, we unveil the secrets to securing the best and most affordable SSL certificates, tailored for your LiteSpeed server, like precious gems waiting to be discovered.

If you’ve already charted your course with a CSR code and certificate application, feel free to set sail with us on this SSL expedition. We shall unlock the power of encryption and instill trust among our visitors.

So, prepare to elevate your website’s security by installing an SSL/TLS certificate on LiteSpeed. Let us begin!

Prerequisites

Ensuring the security of your server is of utmost importance; to accomplish that, you’ll need a few essential elements in your arsenal. Fear not; we shall guide you through the process with clarity and simplicity, ensuring a seamless implementation.

Intermediate Certificates:

These crucial files are the base in enabling devices connecting to your server to identify the issuing CA, a crucial link in the security chain. If you received your SSL certificate in a ZIP folder, you’ll likely find the Intermediate certificate(s) bundled within, also known as a CA Bundle.

Should you not have them, fret not, as you can download the appropriate CA Bundle from a trusted source tailored to complement your specific certificate.

A Private Key:

The guardian of your server’s encryption lies within the private key. This file should reside on your server or be securely kept if you generated the Certificate Signing Request (CSR) using a free generator tool.

While specific platforms like Microsoft IIS might not immediately display the private key, rest assured, it’s meticulously safeguarded by the server.

Server Certificate:

The very foundation of your SSL/TLS protection lies in the server certificate you obtained from the Certificate Authority (CA) for your domain. If you’ve received it through email, keep it safe. Alternatively, you can easily download it from your Account Dashboard by accessing your order details.

Equipping yourself with these vital components – your server certificate, intermediate certificates, and private key fortify your server’s defenses, instilling confidence and trust among your users.

QUICK NOTE: A well-protected server is the cornerstone of a secure online presence, and now you possess the knowledge to embark on this journey with peace of mind. Safeguard your digital domain, and let security pave the way to a seamless web hosting experience.

How to Generate a CSR Code on LiteSpeed?

Before acquiring an SSL Certificate for your website, you must generate a Certificate Signing Request (CSR) code and submit it to your Certificate Authority (CA) for verification. The CSR contains encrypted contact information that ensures the authenticity of your request.

To proceed, you have two options at your disposal:

Option 1: Automatic CSR Generation Using a CSR Generator

Consider utilizing a CSR Generator for a quick and effortless CSR creation process.

Option 2: Manual CSR Generation on LiteSpeed

Follow our detailed guide below to generate a CSR code on LiteSpeed:

Creating Your Private Key and CSR Code

To ensure a secure connection for your website, follow these steps to generate your private key and Certificate Signing Request (CSR) using OpenSSL:

Step 1: Generate Your Private Key

Run the following command in your terminal or command prompt:

openssl genrsa -out server.key 2048

Please note that “server” is the name given to your private key. You can choose any name you prefer, but it is essential to maintain the .key extension.

Step 2: Generate Your CSR Code

Run the following command:

openssl req -new -key server.key -out server.csr

If you assigned a different name to your private key, replace “server.key” with the appropriate name in the command. Additionally, for the “server.csr” part, you can rename it as desired, but remember to keep the .csr extension.

Step 3: Provide Contact Details

During the CSR generation process, you will be prompted to provide the following contact information:

Common Name (CN):

Enter the fully-qualified domain name (FQDN) you wish to protect, such as yoursite.com. For wildcard certificates, include an asterisk (*) before your domain (e.g., *.yoursite.com).

Organization Name (O):

Specify the full legal name of your company, like Your Company LLC.

Organizational Unit (OU):

Name your company’s department requesting the SSL Certificate, e.g., IT.

Locality or City (L):

Provide the full name of your company’s registered city, for example, Albuquerque.

State or Province (ST):

Type the full name of the state or province where your company is legally located, e.g., New Mexico.

Country (C):

Provide the two-letter code of your country, like US. You can find the complete list of country codes online.

Step 4: Save Your CSR Code

Once you have completed the process, your CSR code will reside in the directory where you executed the command. Locate the generated “server.csr” file and open it with a text editor like Notepad.

Step 5: Submit the CSR During SSL Order

To obtain your SSL Certificate, you must share the CSR content, including the BEGIN and END tags, with your chosen SSL vendor during the ordering process. This allows them to validate and issue the SSL Certificate for your website.

You’ve now successfully generated your private key and CSR code, taking a significant stride toward securing your website with an SSL Certificate.

Step-wise Tutorial for Installing an SSL Certificate in LiteSpeed

Ensuring a secure and encrypted connection is crucial for any website, and with LiteSpeed, the process becomes simple and efficient.

Follow these installation instructions to safeguard your server with an SSL certificate:

Step 1: Access your LiteSpeed WebAdmin console and click “Listeners” followed by “Add.”

Step 2: Fill in the following Address Settings to configure the newly created Listener:

• Enter a friendly internal name for your Listener.
• Select “Any” from the dropdown, or choose a specific IP-port combination if necessary.
• By default, HTTPS connections use port 443. If other Listeners are on this port, opt for an alternative such as 8443.
• Select “Yes.”
• Add any internal notes to distinguish the Listener in the future. Click “Save.”

Step 3: Navigate to the “Listeners” section again, and choose the Listener Name you previously set (e.g., “SSL”).

Step 4: Once on the SSL tab under your chosen Listener, click the “Edit” button in the SSL Private Key & Certificate section.

Step 5: Configure Filepaths:

Follow these instructions to configure your Certificate filepaths:

• Private Key File: Provide the path to your previously saved private key generated via OpenSSL.
• Certificate File: Enter the path to your server certificate the Certificate Authority (CA) sent. You should have it saved locally or in your server directory.

Complete one of the two options below for the successful installation of intermediate certificates:

  a) CA Certificate Path: Enter the path to the intermediate certificate “file” received from the CA.

  b) CA Certificate File: Provide the path to the “directory” containing the intermediate certificates sent by the CA. Click “Save.”

Step 6: Edit SSL Protocol:

Return to the SSL tab under your Listener and click the “Edit” button in the SSL Protocol section. Select “TLSv1.1” and “TLSv1.2” for Protocol Version, and then click “Save.”

Step 7: Virtual Host Mappings:

Head back to the “Listeners” section and choose your Listener Name (e.g., “SSL”). Under your selected Listener, click the “Add” button in the Virtual Host Mappings section.

Step 8: Connect Virtual Host:

In the Virtual Host Mappings section, select the Virtual Host you want to connect to the Listener from the drop-down menu.

Step 9: Enter Domains:

For the chosen Virtual Host, enter all the Domains that connect to your vhost(s). Use commas to separate multiple domains if applicable. Click “Save.”

Step 10: Graceful Restart:

Navigate to your Dashboard by selecting “Dashboard” from the menu. Click the green “Graceful Restart” button to apply the changes.

Congratulations! Your SSL certificate is now successfully installed. To verify the installation, visit your website in a browser at https://yourdomain.tld and check the certificate/site information to ensure HTTPS/SSL is working correctly.

Remember that a server restart might be necessary for the changes.

Looking for a Quick SSL Installation? Certera offers hassle-free SSL Installation Support for your Websites through a dedicated and professional team of experts.