WeBWorK Main Forum

Apache Lighttpd and SSL

Apache Lighttpd and SSL

by Jason Cowell -
Number of replies: 3

Hello,

I am following the guide here https://webwork.maa.org/wiki/Installation_Manual_for_2.15_on_Ubuntu_20.04_Server#Configure_lighttpd_to_use_SSL

I am using Letsencrypt to get my SSL certs for apache, and it's working fine.

My question is, can I use those same certificates I am using with Apache with Lighttpd at the same time ? obviously lighttpd would be on a different port

thanks, Jason

In reply to Jason Cowell

Re: Apache Lighttpd and SSL

by Jason Cowell -
please, anyone ?
A simple yes or no will suffice.
In reply to Jason Cowell

Re: Apache Lighttpd and SSL

by Arnold Pizer -
I believe that you can use the same official certificates for both. You definitely can use the same self signed certificates, e.g in the instructions you site you see:
"Since we already are using the files ssl-cert-snakeoil.pem and ssl-cert-snakeoil.key for apache, we will also use them for lighttpd"

Note that for lighttpd you have to concatenate the certificate and key:

"$ sudo cat /etc/ssl/private/ssl-cert-snakeoil.key /etc/ssl/certs/ssl-cert-snakeoil.pem >/etc/lighttpd/lighttpd.pem
[sudo] password for wwadmin:"

I have no experience setting up a certificate chain, etc.  Any documentation you could provide on that wouldbe helpful to others.
In reply to Jason Cowell

Re: Apache Lighttpd and SSL

by Jason Cowell -
I can confirm this does work. I use Letsencrypt.
I used;
cat /letsencrypt_dir/privkey.pem /letsencrypt_dir/fullchain.pem >pem_for_lighttpd.pem
and then followed all the same steps from the guide.

The only problem with this, in using Letsencrypt, is it renews certificate every 90 days - automatically, so I guess you have to manually re-Concatenate the files together every 90 days or so, and restart lighttpd. I'm sure there would be a way to automate this - but I don't know how.