To set up SSL, one needs to create a private key and get an SSL certificate from a certificate issuer. This article assumes that your private key and certificate are already ready so we can focus on configuring the OpenLitespeed side.
Create an SSL Listener
WebAdmin console => Listeners => Add button
The most important steps here are going to be setting Secure to “Yes” and making sure to set the listener to the right IP and port. You can generally set all listeners (secure and non-secure) to listen on all IPs, as traffic will be distributed by virtual host mappings (shown in section 3 below). The exception to this is if you want to bind a listener to a particular CPU. This requires a unique IP-port combination for this listener. Most HTTPS is done on port 443 by default, though, in this example, we chose port 8443 so as not to conflict with other listeners we already had set up.
Lastly, click the Save button.
Specify Your Private Key and Certificate Files for the SSL Listener
First, go to the WebAdmin console => Listeners => Your Listener Name (since in this example, we named our listener SSL, we click SSL).
Next, click the SSL tab and then the Edit button for the SSL Private Key & Certificate section.
Next, click the Edit button for the SSL Protocol section.
Match your settings to the ones pictured below and click the Save button.
Lastly, gracefully restart your server by clicking the Graceful Restart button.
Map Virtual Hosts to the SSL Listener
Again, go to the WebAdmin console => Listeners => Your Listener Name (since in this example, we named our listener SSL, again we click SSL).
For new listeners, you need to map the virtual hosts that they will be listening for. These settings are found under the General tab. Click the Add button for the Virtual Host Mappings section.
Generally, you will want to specify the domain(s) that connect to your vhost(s) here. This will tell OpenLiteSpeed where to send traffic this listener picks up. If you have only one vhost for your server or your listener is configured so as to rule out other vhosts (you have stipulated an IP or port that only one vhost uses, for example), you can use the catchall
* as the domain. (On our sample machine, we have only one virtual host, so we’ve used
Lastly, gracefully restart your server by pressing the Graceful Restart button.
We point our browser to https://localhost:8443/phpinfo.php. Note the
https at the beginning of the URL indicating a secure connection.
SSL Setup Guides in Other Language
- How to setup SSL in OpenLiteSpeed using WoSign Free SSL Certificates.