Shulou(Shulou.com)06/02 Report--

How to configure SSL in Lighttpd Server? This problem may be often seen in our daily study or work. I hope you can gain a lot from this question. The following is the reference content that the editor brings to you, let's take a look at it!

All sites running with SSL use the https protocol on the default port 443. SSL provides secure data communication by encrypting data between the server and the client.

In our previous article, we showed how to install LightTPD and create a virtual host on a CentOS/RHEL system. This article continues with configuring SSL in a LightTPD server. For the example in this article, we are using a self-signed certificate.

If you want to find configure ssl in apache/httpd, you may need to read this article.

Step 1: create a certificate signing request (CSR)

For creating a SSL certificate, the first requirement is to create a private key and CSR. CSR is a file that contains all the details about the domain, including the public key. Start by creating a directory in which you create the CSR and key.

# mkdir / etc/lighttpd/ssl/# cd / etc/lighttpd/ssl/

Now create the CSR and key file using the following command. Change the file names example.com.key and example.com.csr based on the domain. This command will require you to enter information about your domain. Learn more about creating a CSR.

# openssl req-new-newkey rsa:2048-nodes-keyout example.com.key-out example.com.csrGenerating a 2048 bit RSA private key....+++.+++writing new private key to 'example.com.key'-You are about to be asked to enter information that will be incorporatedinto your certificate request.What you are about to enter is what is called a Distinguished Name ora DN.There are quite a few fields but you can leave some blankFor some fields there will be a default value,If you enter'. The field will be left blank.-Country Name (2 letter code) [XX]: INState or Province Name (full name) []: DelhiLocality Name (eg, city) [Default City]: DelhiOrganization Name (eg, company) [Default Company Ltd]: TecAdmin Inc.Organizational Unit Name (eg, section) []: webCommon Name (eg) Your name or your server's hostname) []: example.comEmail Address []: user@example.comPlease enter the following 'extra' attributesto be sent with your certificate requestA challenge password []: [Leave Blank] An optional company name []: [Leave Blank]

Step 2: request a certificate from CA

After you create a CSR, request an SSL certificate from any certificate provider, such as geotrust, comodo, digicert, or godaddy.

Or create a self-signed certificate for internal use

# openssl x509-req-days 365-inexample.com.csr-signkeyexample.com.key-outexample.com.crt

The certificate file you created will be obtained in the current directory named example.com.crt. Now create the pem file by combining the key file and the certificate in one file

# cat example.com.key example.com.crt > example.com.pem

Step 3: set up a virtual host using SSL

Edit the lighttpd configuration file / etc/lighttpd/lighttpd.conf and add the following values.

$SERVER ["socket"] = ": 443" {ssl.engine = "enable" ssl.pemfile = "/ etc/lighttpd/ssl/tecadmin.net.pem" # ssl.ca-file = "/ etc/lighttpd/ssl/CA_issuing.crt" server.name = "site1.tecadmin.net" server.document-root = "/ sites/vhosts/site1.tecadmin.net/public" server.errorlog = "/ var / log/lighttpd/site1.tecadmin.net.error.log "accesslog.filename =" / var/log/lighttpd/site1.tecadmin.net.access.log "}

Step 4: verify the configuration and restart lighttpd

Verify the syntax of the configuration file before starting the lighttpd service.

# lighttpd-t-f / etc/lighttpd/lighttpd.confSyntax OK

If you find that all the syntax is normal, let's restart the service.

# service lighttpd restart Thank you for reading! After reading the above, do you have a general idea of how to configure SSL in Lighttpd Server? I hope the content of the article will be helpful to all of you. If you want to know more about the relevant articles, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.