CyberPanel Community

[Tutorial] How to secure OLS/LSWS webadmin console with valid SSL certficate.

qt
qtwrk #1

Hi,

This is a guide for how to secure OLS/LSWS webadmin console with a valid SSL cert (e.g. Let’s Encrypt cert of your website.)

  1. verify the cert is working properly by access your site.

  2. login to server SSH , navigate to “/etc/letsencrypt/live” , all Let’s Encrypt cert are stored there.

  3. now go to the folder of domain you want to use to secure webadmin.

you will see 3 files

cert.pem, fullchain.pem and privkey.pem

[root@test ]# ls -l /etc/letsencrypt/live/example.me
Total 12
-rw-r--r-- 1 root root 1903 Mar  26 12:02 cert.pem
-rw-r--r-- 1 root root 3551 Mar  26 12:02 fullchain.pem
-rw------- 1 root root 1675 Mar  26 12:02 privkey.pem
  1. now navigate to “/usr/local/lsws/admin/conf” , you will see

webadmin.crt and webadmin.key

these are cert and key for webadmin https

we just need to replace the webadmin.key/crt with LE ones.

[root@test ]# cat /etc/letsencrypt/live/example.me/fullchain.pem > /usr/local/lsws/admin/conf/webadmin.crt
[root@test ]# cat /etc/letsencrypt/live/example.me/privkey.pem > /usr/local/lsws/admin/conf/webadmin.key

now restart it to make it effect.

systemctl restart lsws

access https://DOMAIN.COM:7080 you should now see it’s valid and secure.

:slight_smile:

5 replies
bs
bsanz16 #2

Works great! :smile: thanks for the guide

MB
Mysterious_Beans #3

For me the webadmin cert and key were actually in another subdirectory:

/usr/local/lsws/admin/conf/cert/

and named simply admin.crt and admin.key

Apart from that the instructions are super simple and worked perfectly :slight_smile:

sl
slike888 #4

I am Newbie and use Linode WEBLISH.
I have no way to put the command everything in the line of SSH.

"[root@test ]# cat /etc/letsencrypt/live/example.me/fullchain.pem > /usr/local/lsws/admin/conf/webadmin.crt

[root@test ]# cat /etc/letsencrypt/live/example.me/privkey.pem > /usr/local/lsws/admin/conf/webadmin.key"

Can somebody help me, please?

uz
uzairjhandeer #5

guys, I have upgraded the cyber panel to 2.0.1 after that install SpamAssassin then mail scanner then apply the given method and access the lsws admin link error refuse to connect what I can do

SP
Saulo Pila #6

Today is 07. July 2023, and I have a real problem with it. I did all the steps spoken above and OLS stands in Activating modes. It means, it is not working anymore!

I’m looking for the command to revert the CAT command.

I need to separate the concatenation of the files. Could someone help me please?

Cyberpanel version: 2.3.4

root@vmi93:~# systemctl status lsws
● lshttpd.service - OpenLiteSpeed HTTP Server
     Loaded: loaded (/etc/systemd/system/lshttpd.service; enabled; vendor preset: enabled)
     Active: activating (start) since Thu 2023-07-20 09:15:52 CDT; 56s ago
    Process: 7416 ExecStart=/usr/local/lsws/bin/lswsctrl start (code=exited, status=0/SUCCESS)
     CGroup: /system.slice/lshttpd.service

Jul 20 09:15:52 vmi93.domainserver.net systemd[1]: Starting OpenLiteSpeed HTTP Server...
Jul 20 09:15:53 vmi93.domainserver.net lswsctrl[7416]: [OK] litespeed: pid=7444.
Jul 20 09:15:56 vmi93.domainserver.net lswsctrl[7416]: [OK] litespeed: pid=7467.
Jul 20 09:15:56 vmi93.domainserver.net systemd[1]: lshttpd.service: New main PID 7467 does not exist or is a zombie.

root@vmi93:~# /usr/local/lsws/bin/lswsctrl stop
[ERROR] litespeed is not running.

The server is completely down. Could someone give me a light how can I revert this command please?

I used:

cat /etc/letsencrypt/live/comain.com/privkey.pem > /usr/local/lsws/admin/conf/webadmin.key

Sign in to reply