CSR Generation and SSL Installation on LiteSpeed Web Server

LiteSpeed Web Server is the leading high-performance, high-scalability web server from LiteSpeed technologies. It can be used to replace an existing Apache server without changing any other programs or operating system details. Best of all, it can be integrated without breaking anything. As such, LiteSpeed Web Server can quickly replace a major bottleneck in your existing web hosting platform. With its comprehensive range of features and easy-to-use web administration console, LiteSpeed Web Server can help you conquer the challenges of deploying an effective web hosting infrastructure.

This guide will take you through the following steps.

  • CSR generation on LiteSpeed webserver
  • SSL installation in Litespeed

CSR generation on LiteSpeed webserver

To apply for an SSL Certificate, you must generate a CSR (Certificate Signing Request) code and send it to your CA for validation. The CSR contains your contact data in an encoded format. In this guide, we’ll use the OpenSSL utility to generate your CSR code.

We have to generate both CSR and private key using OpenSSL:

openssl req -newkey rsa:2048 -keyout PRIVATEKEY.key -out MYCSR.csr

The command will ask you to provide the following contact details:

  • Common Name (CN): Enter the FQDN (fully-qualified domain name) you want to protect.
    For instance, yoursite.com. If you have a wildcard certificate, add an asterisk (*) in front of your domain name (e.g., *.yoursite.com)
  • Organization Name (O): Specify the full legal name of your company.
    For example, Your Company LLC
  • Organizational Unit (OU): Name the department within your company requesting the SSL Certificate.
    For example, IT
  • Locality or City (L): Write the full name of the city where your company is registered.
    For example, Albuquerque
  • State or Province (ST): Type the full name of the state or province where your company is legally located.
    For instance, New Mexico
  • Country (C): Provide the two-letter code of your country.
    For example, US.

That’s it! You’ve successfully generated your CSR code. It resides in the directory where you run the command.

SSL installation in Litespeed:

After your CA signs and sends your SSL certificate to your inbox, you can proceed to the installation. Here’s what you will need:

  • Your primary SSL certificate: This is the certificate issued specifically for your domain. You can find it in the ZIP folder, sent to you via email.
  • Your intermediate certificate: This certificate, or sometimes certificates help browsers identify the issuing CA. Intermediate certificates are usually stored in the .ca-bundle file. You’ll have to extract it from the ZIP folder.
  • Your Private Key: The private key is on your server, in the same directory where you generated the CSR request. If you didn’t generate the CSR on your server, you should have a copy of the private key in your email.

Please follow the steps below to install your SSL Certificate:

  1. Log into your LiteSpeed WebAdmin console
  2. On the left pane, select Listeners and then click Add
  3. In the address settings section, fill in the fields as shown below and then click Save
    1. Listener Name: Set a friendly name for your Listener
    2. IP Address: If you want to bind the Listener to a specific CPU, enter the unique IP; otherwise, from the drop-down list select Any
    3. Port: The default port for HTTPS connections is 443
    4. Secure: Choose Yes
    5. Notes: You can leave this field blank
  4. Go back to your admin console and click Listeners and under the Listener Name column, select the name you’ve just given in the previous step.
  5. Under your Listener, select the SSL tab, and in the SSL Private Key and Certificates table click the Edit button
  6. Next, you have to configure your file paths as shown below:
    1. Private Key File:enter the path to your private key. Remember you’ve generated the private key along with the CSR in the same directory on your server
    2. Certificate File: browse your primary SSL Certificate and add it
    3. Chained Certificates: select Not Set
      Note: To install the intermediate certificates, select one of the two options below:
    4. CA Certificate Path: if you pick this option, enter the path to the intermediate certificate file that your CA provided
    5. CA Certificate File: if you choose this field, enter the directory where your intermediate certificates reside
  7. Click Save
  8. Back in the SSL tab, under your Listener, in the SSL protocol table, click the Edit button
  9. For Protocol Version, check the latest TLSv1.1 and TLSv1.2 versions, then hit Save
  10. Return to the admin console, click Listeners and select your Listener’s name
  11. In the General tab, navigate to the Virtual Host Mappings and click the Add button
  12. From the drop-down list select the virtual host you want to assign to the listener
  13. Next, enter the Domain(s) that connect to your vhost(s). Use a comma to separate multiple domains
  14. On the left pane, click Dashboard then click the Green Restart button to restart your server.

Congratulations, you’ve successfully installed your certificate on LiteSpeed.

We hope this guide helped you with this easy process. If you are unable to use these instructions, Acmetek recommends that you contact either the vendor of your software or the hosting organization that supports it.

Recent Posts

S/MIME for Outlook O365 Windows

Add to Favorites S/MIME Advantages of S/MIME Certificates S/MIME (Secure/Multipurpose Internet Mail Extensions) certificates offer several advantages when it comes to securing email communications. Here

Read More »

Abbreviations

Add to Favorites There are literally thousands of IT abbreviations out there. Many are concerned with the technical aspects of the computer, while others deal

Read More »

SSL Installation on Qmail

Add to Favorites SSL Installation on Qmail Qmail is a secure, reliable, efficient, simple message transfer agent. It is designed for typical Internet-connected UNIX hosts.

Read More »