Installing an SSL Certificate
From SolusVM
This is a rough guide to installing your own SSL certificate and configuring Lighttpd to redirect HTTP requests to HTTPS.
 |
Community Post - DISCLAIMER - Backup any and all files before editing. This guide worked perfect for me, but you are advised to use it at your own risk. I am not affiliated with SolusVM other than being a happy customer. |
You will need a CSR, or Certificate Signing Request, to order an SSL. This CSR will be based off your server's private key, which we will generate.
Do the following as root:
cd /usr/local/solusvm/ssl/ openssl genrsa -out solusvm.key 2048 openssl req -new -nodes -key solusvm.key -out solusvm.csr
After that last command, you answer a series of questions to generate the CSR. A few tips:
- Common Name is hostname of your server (e.g. portal.mydomain.com)
- Do not abbreviate the State field. Type the full name
- The challenge phrase is optional
Once you're finished, you will have a file called solusvm.csr. You will use the contents of that file to order an SSL cert from Godaddy, Verisign, etc.
When ordering your certificate, choose Server Type Apache.
Once you download the certificate, upload it to /usr/local/solusvm/ssl/ as solusvm.cer If you were provided with a certificate bundle or chain file, upload it as well and note the filename.
Run the following commands to create the .pem file needed by lighttpd:
cd /usr/local/solusvm/ssl/ cat solusvm.key solusvm.cer > solusvm.pem
That concatenates your key file and certificate to create the .pem file.
Now edit the /etc/lighttpd/lighttpd.conf file and change it to this:
$SERVER["socket"] == ":5656" {
ssl.engine = "enable"
ssl.pemfile = "/usr/local/solusvm/ssl/solusvm.pem"
ssl.ca-file = "/usr/local/solusvm/ssl/gd_bundle.crt"
}
Write the file and restart lighttpd by running the following command:
/etc/init.d/lighttpd restart
You're done! Now run to your browser and test.
Now that you've installed your SSL certificate, read here to Redirect_HTTP_to_HTTPS
