SSL Setup

How Can We Help?
< Back
You are here:
Print

Get a Certificate

To set up SSL, please prepare a private key and certificate from a certificate issuer like Let’s Encrypt. You can follow one of these guides, if necessary: public certificate via Let’s Encrypt, or private self-signed certificate. You can set up SSL at the listener level or the virtual host level. Virtual host level certificates will override server/lisener level certificates.

Set up SSL Certificate at the Listener Level

Create an SSL Listener if it does exist yet

Access the WebAdmin Console at port 7080 on your domain. Navigate to Listeners and click the Add button to create an HTTPS listener.

The most important steps here involve setting Secure to Yes and making sure to set the listener to the right IP and port. HTTPS connections usually use port 443 by default. Click the Save button once you finish the setup.

  • Listener name: HTTPS (or any appropriate name of your choice)
  • IP Address: ANY
  • Port: 443
  • Secure: Yes

Specify SSL Key and Certificate

Navigate  to the WebAdmin Console > Listeners > HTTPS (or whatever name you used) > SSL, and click the Edit button.

Specify the private key and certificate path, then click the Save button.

  • Private Key File: /etc/letsencrypt/live/ols-example.tk/privkey.pem (Use your own key path)
  • Certificate File: /etc/letsencrypt/live/ols-example.tk/fullchain.pem (Use your own cert path)
  • Chained Certificate: Yes

Map Virtual Hosts to the SSL Listener

For new listeners, you will want to map the virtual hosts that they will be listening for. These settings are found under Listeners > General. Click the Add button for the Virtual Host Mappings section. As you can see below, this field starts out empty.

Choose the Virtual Host you want, and input the domain in the Domains field.

In general, you want to specify the domain(s) that connect to your vhost(s) here. In this example, we want to allow both https://ols-example.tk and https://www.ols-example.tk to pass though.

  • Virtual Host: Example (Choose your virtual host)
  • Domains: ols-example.tk, www.ols-example.tk (Input your domain or * for all)

Restart OLS after the configuration change.

Set up SSL Certificate at the Virtual Host Level

You may have multiple domains on the same server with different virtual hosts for different domains. If you set up an SSL certificate on the virtual host level, it will override any server/listener level settings.

Specify the private key and certificate path, then click the Save button.

  • Private Key File/etc/letsencrypt/live/ols-example.tk/privkey.pem (Use your own key path)
  • Certificate File/etc/letsencrypt/live/ols-example.tk/fullchain.pem (Use your own cert path)
  • Chained CertificateYes

Restart OLS after the configuration change.

Verify SSL is Working

Point your browser to your domain. Click the https at the beginning of the URL, and you should see indication of a secure connection.