Facebook Twitter Instagram
    TecAdmin
    • Home
    • FeedBack
    • Submit Article
    • About Us
    Facebook Twitter Instagram
    TecAdmin
    You are at:Home»Linux Distributions»CentOS»How to Configure SSL in Lighttpd Server

    How to Configure SSL in Lighttpd Server

    By RahulMarch 24, 20143 Mins Read

    All the sites running with SSL are used https protocol on default port 443. SSL provides secure data communication by encrypting data between server and client. In our earlier articles we have described about installing lighttpd and creating virtualhosts in CentOS/RHEL systems. This article will help you to configure SSL in Lighttpd server. For this example we are using an self signed certificate.

    Advertisement

    If you are looking for configure ssl in Apache/HTTPD, then you have to this article.

    Step 1: Create Certificate Signing Request (CSR)

    For creating SSL certificate, the first requirement is to create private key and CSR. A CSR is an file which have all details about domain including an public key. first create a directory where to create csr and key.

    # mkdir /etc/lighttpd/ssl/
    # cd /etc/lighttpd/ssl/
    

    Now create CSR and key file with following command. Change name of files example.com.key and example.com.csr as per your domains. This command will ask for enter information about your domain. Read more about creating CSR.

    # openssl req -new -newkey rsa:2048 -nodes -keyout example.com.key -out example.com.csr
    
    Generating a 2048 bit RSA private key
    ....+++
    ...............+++
    writing new private key to 'example.com.key'
    -----
    You are about to be asked to enter information that will be incorporated
    into your certificate request.
    What you are about to enter is what is called a Distinguished Name or a DN.
    There are quite a few fields but you can leave some blank
    For some fields there will be a default value,
    If you enter '.', the field will be left blank.
    -----
    Country Name (2 letter code) [XX]:IN
    State or Province Name (full name) []:Delhi
    Locality Name (eg, city) [Default City]:Delhi
    Organization Name (eg, company) [Default Company Ltd]:TecAdmin Inc.
    Organizational Unit Name (eg, section) []:web
    Common Name (eg, your name or your server's hostname) []:example.com
    Email Address []:[email protected]
    
    Please enter the following 'extra' attributes
    to be sent with your certificate request
    A challenge password []: [Leave Blank]
    An optional company name []: [Leave Blank]
    
    

    Step 2: Request Certificate from CA

    After creating CSR, Request an SSL certificate from any certificate providers like Geotrust, Comodo, Digicert or GoDaddy etc.

    or create a self signed certificate for internal use. We do not recommend this for production sites.

    # openssl x509 -req -days 365 -in example.com.csr -signkey example.com.key -out example.com.crt
    

    You will get created certificate file in current directory with name example.com.crt. Now create pem file by combining key file and certificate in one file

    # cat example.com.key  example.com.crt > example.com.pem
    

    Step 3: Setup VirtualHost with SSL

    Edit Lighttpd configuration file /etc/lighttpd/lighttpd.conf and add the following values.

    $SERVER["socket"] == ":443" {
            ssl.engine = "enable"
            ssl.pemfile = "/etc/lighttpd/ssl/tecadmin.net.pem"
          # ssl.ca-file = "/etc/lighttpd/ssl/CA_issuing.crt"
            server.name = "site1.tecadmin.net"
            server.document-root = "/sites/vhosts/site1.tecadmin.net/public"
            server.errorlog = "/var/log/lighttpd/site1.tecadmin.net.error.log"
            accesslog.filename = "/var/log/lighttpd/site1.tecadmin.net.access.log"
    }
    

    Step 4: Verify Configuration & Restart Lighttpd

    Verify syntax of configuration file before starting lighttpd service.

    # lighttpd -t -f /etc/lighttpd/lighttpd.conf
    
    Syntax OK
    

    If you found that all syntax is ok, lets restart service

    # service lighttpd restart
    

    https lighttpd SSL virtualhost webserver
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email WhatsApp

    Related Posts

    How to block bad bots using .htaccess

    How To Set Up Nginx Reverse Proxy: A Step-By-Step Tutorial

    How to Open Port in Linux

    Add A Comment

    Leave A Reply Cancel Reply

    Advertisement
    Recent Posts
    • How to List Manually Installed Packages in Ubuntu & Debian
    • 10 Bash Tricks Every Developer Should Know
    • How to Validate Email Address in JavaScript
    • Firewalld: Common Firewall Rules and Commands
    • 12 Apk Commands in Alpine Linux Package Management
    Facebook Twitter Instagram Pinterest
    © 2023 Tecadmin.net. All Rights Reserved | Terms  | Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.