How to Install SSL Certificate on Lighttpd Server

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Easily Install SSL on Lighttpd in 8 Simple Steps

install-ssl-certificate-on-lighttpd-server-aboutsslLighttpd, pronounced as ‘lighty’, is the portmanteau of Light and httpd. Lighttpd is an open-source web server offering unparalleled performance. Lighttpd was launched way back in 2003 with a view to offering fast and superior services.

Jan Kneschke is the brains behind lighty web server. He wrote Lighttpd as a solution to manage the problem of handling 10000 connections in parallel for a single server. Therefore, making it an excellent choice for the servers suffering from load problems. The speed and flexibility offered by Lighttpd can be seen in very few servers. Powerful memory management is the reason behind it. It uses much less memory compared to its peers.

We can talk all day about the pros and cons of Lighttpd but you’re not here for that, right? Well then let’s get straight down to business and learn how you can install SSL on Lighttpd.

Step 1: First, you must download the Intermediate certificate provided by the CA. You would have received it via email.

Step 2: Once you download the intermedia certificate, copy its contents and paste into a text editor (i.e. notepad).

Save the file as intermediate.crt.

Step 3: Now Download the x.509 SSL certificate sent by your CA. Save the file as SSL.crt.

It will look something like this:

—–BEGIN CERTIFICATE—–

(SSL Certificate)

—–END CERTIFICATE—–

Step 4: Now browse & locate the SSL.crt and .key files you had downloaded. Enter the below given command to copy them to your website SSL directory.

# cp ssl.crt /etc/lighttpd/ssl/yourdomain.com

# cp yourdomain.key /etc/lighttpd/ssl/yourdomain.com

Step 5: Once you have entered the afore-mentioned commands, it’s time to create a .pem file. This can be done by concatenating .key and .crt files. Enter the command below to concatenate and setup the permissions.

# cat yourdomain.key ssl.crt > yourdomain.pem

# chmod 0600 yourdomain.pem

# chown lighttpd:lighttpd /etc/lighttpd/ssl/yourdomain.com -R

Step 6: Open Lighttpd configuration file using the command below.

# vi /etc/lighttpd/lighttpd.conf

Step 7: Now add the following commands to the configuration section.

$SERVER[“socket”] == “yourdomain.com:443” {

ssl.engine = “enable”

ssl.pemfile = “/etc/lighttpd/yourdomain.com/yourdomain.pem”

ssl.ca-file = “/etc/lighttpd/yourdomain.com/intermediate.crt”

server.name = “yourdomain.com”

server.document-root = “/home/lighttpd/yourdomain.com/https”

server.errorlog = “/var/log/lighttpd/yourdomain.com/serror.log”

accesslog.filename = “/var/log/lighttpd/yourdomain.com/saccess.log”

}

where

ssl.engine = “enable” : Enable lighttpd SSL support

ssl.pemfile = “/etc/lighttpd/yourdomain.com/yourdomain.pem”

ssl.ca-file = “/etc/lighttpd/yourdomain.com/intermediate.crt”

Save and close the file once you’re done.

Step 8: Now restart the Lighttpd server using the following command.

# /etc/init.d/lighttpd restart

Important Resources