How to Install SSL Certificate on Lighttpd Server
Easily Install SSL on Lighttpd in 8 Simple Steps
Lighttpd, pronounced as ‘lighty’, is the portmanteau of Light and httpd. Lighttpd is an open-source web server offering unparalleled performance. Lighttpd was launched way back in 2003 with a view to offering fast and superior services.
Jan Kneschke is the brain behind lighty web server. He wrote Lighttpd as a solution to manage the problem of handling 10000 connections in parallel for a single server. Therefore, making it an excellent choice for the servers suffering from load problems. The speed and flexibility offered by Lighttpd can be seen in very few servers. Powerful memory management is the reason behind it. It uses much less memory compared to its peers.
We can talk all day about the pros and cons of Lighttpd but you’re not here for that, right? Well then let’s get straight down to business and learn how you can install SSL on Lighttpd.
Step 1: First, you must download the Intermediate certificate provided by the CA. You would have received it via email.
Step 2: Once you download the intermedia certificate, copy its contents and paste into a text editor (i.e. notepad).
Save the file as intermediate.crt.
Step 3: Now Download the x.509 SSL certificate sent by your CA. Save the file as SSL.crt.
It will look something like this:
—–BEGIN CERTIFICATE—–
(SSL Certificate)
—–END CERTIFICATE—–
Step 4: Now browse & locate the SSL.crt and .key files you had downloaded. Enter the below given command to copy them to your website SSL directory.
# cp ssl.crt /etc/lighttpd/ssl/yourdomain.com
# cp yourdomain.key /etc/lighttpd/ssl/yourdomain.com
Step 5: Once you have entered the afore-mentioned commands, it’s time to create a .pem file. This can be done by concatenating .key and .crt files. Enter the command below to concatenate and setup the permissions.
# cat yourdomain.key ssl.crt > yourdomain.pem
# chmod 0600 yourdomain.pem
# chown lighttpd:lighttpd /etc/lighttpd/ssl/yourdomain.com -R
Step 6: Open Lighttpd configuration file using the command below.
# vi /etc/lighttpd/lighttpd.conf
Step 7: Now add the following commands to the configuration section.
$SERVER[“socket”] == “yourdomain.com:443” {
ssl.engine = “enable”
ssl.pemfile = “/etc/lighttpd/yourdomain.com/yourdomain.pem”
ssl.ca-file = “/etc/lighttpd/yourdomain.com/intermediate.crt”
server.name = “yourdomain.com”
server.document-root = “/home/lighttpd/yourdomain.com/https”
server.errorlog = “/var/log/lighttpd/yourdomain.com/serror.log”
accesslog.filename = “/var/log/lighttpd/yourdomain.com/saccess.log”
}
where
ssl.engine = “enable” : Enable lighttpd SSL support
ssl.pemfile = “/etc/lighttpd/yourdomain.com/yourdomain.pem”
ssl.ca-file = “/etc/lighttpd/yourdomain.com/intermediate.crt”
Save and close the file once you’re done.
Step 8: Now restart the Lighttpd server using the following command.
# /etc/init.d/lighttpd restart