[Tutorial] How to secure OLS/LSWS webadmin console with valid SSL certficate.

qtwrk · March 26, 2019, 11:19am

Hi,

This is a guide for how to secure OLS/LSWS webadmin console with a valid SSL cert (e.g. Let’s Encrypt cert of your website.)

verify the cert is working properly by access your site.
login to server SSH , navigate to “/etc/letsencrypt/live” , all Let’s Encrypt cert are stored there.
now go to the folder of domain you want to use to secure webadmin.

you will see 3 files

cert.pem, fullchain.pem and privkey.pem

[root@test ]# ls -l /etc/letsencrypt/live/example.me
Total 12
-rw-r--r-- 1 root root 1903 Mar  26 12:02 cert.pem
-rw-r--r-- 1 root root 3551 Mar  26 12:02 fullchain.pem
-rw------- 1 root root 1675 Mar  26 12:02 privkey.pem

now navigate to “/usr/local/lsws/admin/conf” , you will see

webadmin.crt and webadmin.key

these are cert and key for webadmin https

we just need to replace the webadmin.key/crt with LE ones.

[root@test ]# cat /etc/letsencrypt/live/example.me/fullchain.pem > /usr/local/lsws/admin/conf/webadmin.crt
[root@test ]# cat /etc/letsencrypt/live/example.me/privkey.pem > /usr/local/lsws/admin/conf/webadmin.key

now restart it to make it effect.

systemctl restart lsws

access https://DOMAIN.COM:7080 you should now see it’s valid and secure.

bsanz16 · May 13, 2019, 8:29am

Works great! thanks for the guide

Mysterious_Beans · August 2, 2019, 5:04pm

For me the webadmin cert and key were actually in another subdirectory:

/usr/local/lsws/admin/conf/cert/

and named simply admin.crt and admin.key

Apart from that the instructions are super simple and worked perfectly

slike888 · June 12, 2020, 7:15am

I am Newbie and use Linode WEBLISH.
I have no way to put the command everything in the line of SSH.

"[root@test ]# cat /etc/letsencrypt/live/example.me/fullchain.pem > /usr/local/lsws/admin/conf/webadmin.crt

[root@test ]# cat /etc/letsencrypt/live/example.me/privkey.pem > /usr/local/lsws/admin/conf/webadmin.key"

Can somebody help me, please?

uzairjhandeer · June 14, 2020, 6:14am

guys, I have upgraded the cyber panel to 2.0.1 after that install SpamAssassin then mail scanner then apply the given method and access the lsws admin link error refuse to connect what I can do

saulopilacom · July 20, 2023, 2:20pm

Today is 07. July 2023, and I have a real problem with it. I did all the steps spoken above and OLS stands in Activating modes. It means, it is not working anymore!

I’m looking for the command to revert the CAT command.

I need to separate the concatenation of the files. Could someone help me please?

Cyberpanel version: 2.3.4

root@vmi93:~# systemctl status lsws
● lshttpd.service - OpenLiteSpeed HTTP Server
     Loaded: loaded (/etc/systemd/system/lshttpd.service; enabled; vendor preset: enabled)
     Active: activating (start) since Thu 2023-07-20 09:15:52 CDT; 56s ago
    Process: 7416 ExecStart=/usr/local/lsws/bin/lswsctrl start (code=exited, status=0/SUCCESS)
     CGroup: /system.slice/lshttpd.service

Jul 20 09:15:52 vmi93.domainserver.net systemd[1]: Starting OpenLiteSpeed HTTP Server...
Jul 20 09:15:53 vmi93.domainserver.net lswsctrl[7416]: [OK] litespeed: pid=7444.
Jul 20 09:15:56 vmi93.domainserver.net lswsctrl[7416]: [OK] litespeed: pid=7467.
Jul 20 09:15:56 vmi93.domainserver.net systemd[1]: lshttpd.service: New main PID 7467 does not exist or is a zombie.

root@vmi93:~# /usr/local/lsws/bin/lswsctrl stop
[ERROR] litespeed is not running.

The server is completely down. Could someone give me a light how can I revert this command please?

I used:

cat /etc/letsencrypt/live/comain.com/privkey.pem > /usr/local/lsws/admin/conf/webadmin.key