On this page

Setting up OpenSSL with Lighttpd

Introduction

Adding security to your website is important. In this guide, we’ll see how to create and insert SSL certificates in Lighttpd.

Installation

We only need OpenSSL:

1
apt-get install openssl

Configuration

Generating SSL keys

Let’s create an ssl directory in the Lighttpd configuration folder, then generate the certificates:

1
2
mkdir /etc/lighttpd/ssl
openssl req -new -x509 -keyout /etc/lighttpd/ssl/selfcert.pem -out /etc/lighttpd/ssl/selfcert.pem -days 3650 -nodes

selfcert.pem: use the name that interests you (e.g., deimos.fr.pem)
3650: number of days the certificate is valid (10 years, we’re safe for a good while)

Lighttpd

Let’s enable the SSL module for Lighttpd:

1
lighty-enable-mod ssl

Then let’s modify the SSL configuration file so it takes our new certificate into account (/etc/lighttpd/conf-available/10-ssl.conf):

1
2
3
4
$SERVER["socket"] == "0.0.0.0:443" {
                 ssl.engine                  = "enable"
                 ssl.pemfile                 = "/etc/lighttpd/ssl/deimos.fr.pem"
}

And that’s it! All you need to do now is restart Lighttpd, and port 443 will be open with your certificate activated :-)

Edit this page

Last updated 15 Apr 2009, 07:09 CEST. history

Restart X

Installation and Configuration of a Heartbeat V2 Cluster

Setting up OpenSSL with Lighttpd

Introduction link

Installation link

Configuration link

Generating SSL keys link

Lighttpd link

Introduction

Installation

Configuration

Generating SSL keys

Lighttpd