Step-by-step guide to Install SSL Certificate on Lighttpd
Released in 2003, Lighttpd (pron. lighty) is an open-source web server designed and optimized for high-performance environments. Lighttpd was written by Jan Kneschke as a solution to the problem of handling 10,000 connections in parallel for a single server.
Lighttpd Server SSL Installation Guide
The name Lighttpd is a portmanteau of Light and httpd. Its security, speed, and flexibility make it one of the most efficient web servers – a perfect fit for servers suffering from load problems. The speed of Lighttpd is down to its powerful memory management. It offers a small memory footprint compared to other servers.
Let’s get straight to the crux of the matter without wasting much time. Follow the given steps to install SSL on the Lighttpd server.
Step 1: Download the Intermediate certificate provided by the CA.
Step 2: Copy the contents of the Intermediate certificate and paste it into a text editor (i.e. notepad). Save the file as intermediate.crt.
Step 3: Download the x.509 SSL certificate sent by your CA. Save the file as SSL.crt.
Example:
-----BEGIN CERTIFICATE----- (SSL Certificate) -----END CERTIFICATE-----
Step 4: Locate the SSL.crt and the .key files you downloaded. Enter the command below to copy them to your website SSL directory.
# cp ssl.crt /etc/lighttpd/ssl/yourdomain.com # cp yourdomain.key /etc/lighttpd/ssl/yourdomain.com
Step 5: Now you must create a .pem file by concatenating .key and .crt files. Enter the following commands to concatenate and setup the permissions.
# cat yourdomain.key ssl.crt > yourdomain.pem # chmod 0600 yourdomain.pem # chown lighttpd:lighttpd /etc/lighttpd/ssl/yourdomain.com -R
Step 6: Use the following command to open the Lighttpd configuration file.
# vi /etc/lighttpd/lighttpd.conf
Step 7: Now you must add the following commands to the configuration section.
$SERVER["socket"] == "yourdomain.com:443" {
ssl.engine = "enable"
ssl.pemfile = "/etc/lighttpd/yourdomain.com/yourdomain.pem"
ssl.ca-file = "/etc/lighttpd/yourdomain.com/intermediate.crt"
server.name = "yourdomain.com"
server.document-root = "/home/lighttpd/yourdomain.com/https"
server.errorlog = "/var/log/lighttpd/yourdomain.com/serror.log"
accesslog.filename = "/var/log/lighttpd/yourdomain.com/saccess.log"
}
where
ssl.engine = "enable" : Enable lighttpd SSL support
ssl.pemfile = "/etc/lighttpd/yourdomain.com/yourdomain.pem"
ssl.ca-file = "/etc/lighttpd/yourdomain.com/intermediate.crt"
Now save and close the file.
Step 8: Restart the Lighttpd server using the following command.
# /etc/init.d/lighttpd restart
Important Resources
- SSL Checker tool – Verify your SSL Certificate installation
- CSR Generator Tool, generate the CSR for your website
- Lighttpd Server Support
SSL Certificate for Lighttpd Server
Lighttpd Server only accepts SSL Certificate from a genuine and trusted SSL Certificate Authority. Buy trusted SSL Certificate from at a cheap price with heavy discount rates.
