LiteSpeed Setup
For OpenLiteSpeed or LiteSpeed Enterprise.
This guide uses acme.sh to issue the certificate and install it into the LiteSpeed configuration directory.
1. Set Variables
bash
export DOMAIN="example.com"
export EMAIL="[email protected]"
export WEBROOT="/usr/local/lsws/Example/html"
export ACME_SERVER="your Server URL"
export EAB_KID="your EAB MAC ID"
export EAB_HMAC_KEY="your EAB MAC key"
export CERT_DIR="/usr/local/lsws/conf/cert/$DOMAIN"Make sure LiteSpeed has an HTTP listener on port 80 for ACME validation.
2. Install acme.sh
bash
curl https://get.acme.sh | sh
source ~/.bashrc 2>/dev/null || source ~/.zshrc 2>/dev/null || true
~/.acme.sh/acme.sh --version3. Register the ACME Account
bash
~/.acme.sh/acme.sh --register-account \
--server "$ACME_SERVER" \
--eab-kid "$EAB_KID" \
--eab-hmac-key "$EAB_HMAC_KEY" \
--accountemail "$EMAIL"4. Issue the Certificate
bash
~/.acme.sh/acme.sh --issue \
-d "$DOMAIN" \
-w "$WEBROOT" \
--server "$ACME_SERVER"Include www:
bash
~/.acme.sh/acme.sh --issue \
-d "$DOMAIN" \
-d "www.$DOMAIN" \
-w "$WEBROOT" \
--server "$ACME_SERVER"5. Install the Certificate
bash
sudo mkdir -p "$CERT_DIR"
sudo ~/.acme.sh/acme.sh --install-cert -d "$DOMAIN" \
--key-file "$CERT_DIR/$DOMAIN.key" \
--fullchain-file "$CERT_DIR/$DOMAIN.crt" \
--reloadcmd "systemctl reload lsws || systemctl restart lsws"6. Enable in LiteSpeed
Open LiteSpeed WebAdmin:
text
Listeners -> SSL -> SSL Private Key & CertificateUse:
text
Private Key File: /usr/local/lsws/conf/cert/example.com/example.com.key
Certificate File: /usr/local/lsws/conf/cert/example.com/example.com.crtSave and run Graceful Restart.
7. Check
bash
curl -I "https://$DOMAIN"
~/.acme.sh/acme.sh --cron --home ~/.acme.sh