Step-by-step guide to Install SSL Certificate on Lighttpd

Released in 2003, Lighttpd (pron. lighty) is an open-source web server designed and optimized for high-performance environments. Lighttpd was written by Jan Kneschke as a solution to the problem of handling 10,000 connections in parallel for a single server.

Lighttpd Server SSL Installation Guide

Lighttpd Server SSL Installation Guide
 

The name Lighttpd is a portmanteau of Light and httpd. Its security, speed, and flexibility make it one of the most efficient web servers – a perfect fit for servers suffering from load problems. The speed of Lighttpd is down to its powerful memory management. It offers a small memory footprint compared to other servers.

Let’s get straight to the crux of the matter without wasting much time. Follow the given steps to install SSL on the Lighttpd server.

Step 1: Download the Intermediate certificate provided by the CA.

Step 2: Copy the contents of the Intermediate certificate and paste it into a text editor (i.e. notepad). Save the file as intermediate.crt.

Step 3: Download the x.509 SSL certificate sent by your CA. Save the file as SSL.crt.

Example:

-----BEGIN CERTIFICATE-----

(SSL Certificate)

-----END CERTIFICATE-----

 
Step 4: Locate the SSL.crt and the .key files you downloaded. Enter the command below to copy them to your website SSL directory.

# cp ssl.crt /etc/lighttpd/ssl/yourdomain.com
# cp yourdomain.key /etc/lighttpd/ssl/yourdomain.com

 
Step 5: Now you must create a .pem file by concatenating .key and .crt files. Enter the following commands to concatenate and setup the permissions.

# cat yourdomain.key ssl.crt > yourdomain.pem
# chmod 0600 yourdomain.pem
# chown lighttpd:lighttpd /etc/lighttpd/ssl/yourdomain.com -R

 
Step 6: Use the following command to open the Lighttpd configuration file.

# vi /etc/lighttpd/lighttpd.conf

 
Step 7: Now you must add the following commands to the configuration section.

$SERVER["socket"] == "yourdomain.com:443" {
ssl.engine = "enable"
ssl.pemfile = "/etc/lighttpd/yourdomain.com/yourdomain.pem"
ssl.ca-file = "/etc/lighttpd/yourdomain.com/intermediate.crt"
server.name = "yourdomain.com"
server.document-root = "/home/lighttpd/yourdomain.com/https"
server.errorlog = "/var/log/lighttpd/yourdomain.com/serror.log"
accesslog.filename = "/var/log/lighttpd/yourdomain.com/saccess.log"
}
where
ssl.engine = "enable" : Enable lighttpd SSL support
ssl.pemfile = "/etc/lighttpd/yourdomain.com/yourdomain.pem"
ssl.ca-file = "/etc/lighttpd/yourdomain.com/intermediate.crt"
  

 
Now save and close the file. 

Step 8: Restart the Lighttpd server using the following command.

# /etc/init.d/lighttpd restart

 

Important Resources

 

SSL Certificate for Lighttpd Server

green pad lockLighttpd Server only accepts SSL Certificate from a genuine and trusted SSL Certificate Authority. Buy trusted SSL Certificate from at a cheap price with heavy discount rates.

Author

Welcome to Savvy Security, a blog focused on providing practical cybersecurity advice for website owners and small businesses. Our team brings you the latest news, best practices and tips you can use to protect your business...without a multi-million dollar budget or 24/7 security teams.