[Tutorial] How to secure OLS/LSWS webadmin console with valid SSL certficate.


This is a guide for how to secure OLS/LSWS webadmin console with a valid SSL cert (e.g. Let’s Encrypt cert of your website.)

  1. verify the cert is working properly by access your site.

  2. login to server SSH , navigate to “/etc/letsencrypt/live” , all Let’s Encrypt cert are stored there.

  3. now go to the folder of domain you want to use to secure webadmin.

you will see 3 files

cert.pem, fullchain.pem and privkey.pem

[root@test ]# ls -l /etc/letsencrypt/live/example.me
Total 12
-rw-r--r-- 1 root root 1903 Mar  26 12:02 cert.pem
-rw-r--r-- 1 root root 3551 Mar  26 12:02 fullchain.pem
-rw------- 1 root root 1675 Mar  26 12:02 privkey.pem
  1. now navigate to “/usr/local/lsws/admin/conf” , you will see

webadmin.crt and webadmin.key

these are cert and key for webadmin https

we just need to replace the webadmin.key/crt with LE ones.

[root@test ]# cat /etc/letsencrypt/live/example.me/fullchain.pem > /usr/local/lsws/admin/conf/webadmin.crt
[root@test ]# cat /etc/letsencrypt/live/example.me/privkey.pem > /usr/local/lsws/admin/conf/webadmin.key

now restart it to make it effect.

systemctl restart lsws

access https://DOMAIN.COM:7080 you should now see it’s valid and secure.


Works great! :smile: thanks for the guide

For me the webadmin cert and key were actually in another subdirectory:


and named simply admin.crt and admin.key

Apart from that the instructions are super simple and worked perfectly :slight_smile:

I am Newbie and use Linode WEBLISH.
I have no way to put the command everything in the line of SSH.

"[root@test ]# cat /etc/letsencrypt/live/example.me/fullchain.pem > /usr/local/lsws/admin/conf/webadmin.crt

[root@test ]# cat /etc/letsencrypt/live/example.me/privkey.pem > /usr/local/lsws/admin/conf/webadmin.key"

Can somebody help me, please?

guys, I have upgraded the cyber panel to 2.0.1 after that install SpamAssassin then mail scanner then apply the given method and access the lsws admin link error refuse to connect what I can do