How to Use Certbot With OpenLiteSpeed Web Server on AlmaLinux 8

a) Installing The Certbot

The Certbot is available on EPEL (Extra Packages for Enterprise Linux) repository. So, install the repository first.
sudo dnf install epel-release
Then install the Certbot.
sudo dnf install certbot

b) Creating Certificate Using The Certbot

Here, we want to create the certificate for yourdomain.com domain which is being served from the /public-path-of-website/ directory and the certificate’s RSA key size will be 4096 bits.
sudo certbot certonly --webroot -w /public-path-of-website/ -d yourdomain.com --rsa-key-size=4096
Before this, you must ensure the availability of the website through HTTP. After finishing, the Certbot will show you the path of the generated Private Key File and Certificate File. Note these down, you need to let the OpenLiteSpeed Web Server know these locations.

c) Configuring The OpenLiteSpeed Web Server

Go to your OpenLiteSpeed Web Server‘s WebAdmin Console and log in. Navigate to Virtual Hosts and then click on View icon related to your desired virtual host. Then navigate to SSL > SSL Private Key & Certificate and click on its related Edit icon.
Set the path of the Private Key File and the Certificate File and set the Chained Certificate option to Yes. Then click on Save icon.

d) Restarting

Changes will take effect after you give the OpenLiteSpeed Web Server a graceful restart. (Graceful restart ensures zero downtime.)

  • In case of its WebAdmin Console: You can just click on Graceful Restart icon and then proceed to Yes.
  • In case of systemd: sudo systemctl restart openlitespeed.service or sudo systemctl restart lsws.service

Documentations

Abdullah As-Sadeed

Abdullah As-Sadeed