How to Install CloudFlare edge certificate on open Litespeed wordpress?

[saz99]

I am running Openlitespeed WordPress (installed through the Linode marketplace) with Ubuntu 20.04 on a Linode VPS.

Although, the setup automatically installs let's Encrypt certificate on the server, I want to switch it to Cloudflare 15 year certificate. How do I do it?

 

[Cold-Egg]

Not sure if you want to use edge certificate or client certificate. You can upload your own key/cert to the server, and point either Listener>SSL or Virtual Hosts > xxxx > SSL, to load it from the web admin.
https://docs.litespeedtech.com/cloud/images/wordpress/#step-4-set-ssl-for-https

 

[saz99]

Not sure if you want to use edge certificate or client certificate. You can upload your own key/cert to the server, and point either Listener>SSL or Virtual Hosts > xxxx > SSL, to load it from the web admin.
https://docs.litespeedtech.com/cloud/images/wordpress/#step-4-set-ssl-for-https

Thank you so much for the quick reply. I want to use the Strict SSL mode in cloudflare so I will need the Cloudflare Origin Certificate too. How do I implement that? I have downloaded all the key.pem and certificate.pem and the Origin_ca.pem.

But I am not sure where exactly to put the CA File?

 

[saz99]

Not sure if you want to use edge certificate or client certificate. You can upload your own key/cert to the server, and point either Listener>SSL or Virtual Hosts > xxxx > SSL, to load it from the web admin.
https://docs.litespeedtech.com/cloud/images/wordpress/#step-4-set-ssl-for-https

Also, will I need to point both Virtual host and listener to the same cert and key files?

 

[Cold-Egg]

For multiple domains.
Port 443 Listener needs a cert & key, whether it's valid or not. Then you can put the cert&key on the virtual host SSL.
You might want to use key.pem and Origin_ca.pem?
Let us know if it works.

 

[saz99]

For multiple domains.
Port 443 Listener needs a cert & key, whether it's valid or not. Then you can put the cert&key on the virtual host SSL.
You might want to use key.pem and Origin_ca.pem?
Let us know if it works.

Sorry, I didn't understand where should I use the origin_ca.pem?

 

[saz99]

My website is still using the old ssl certificates even after making the changes

 

[Cold-Egg]

Hi, for further support, possible to raise a support ticket to support@litespeedtech.com with this link appended?

 

[saz99]

Well I am using openlitespeed. Does that come with support? I will try to mail them I guess. I will keep the tread up to date with their answer.

 

[naseem]

I will share here how to use Cloudflare Origin certificate (to use strict SSL) with Ubuntu and OLS

from SSH command prompt

1 - Create the certificate files

sudo touch /usr/local/lsws/conf/website.key
sudo touch /usr/local/lsws/conf/website.crt

2- Edit the files and paste the the certificate and key text from Cloudflare

sudo nano /usr/local/lsws/conf/website.crt
sudo nano /usr/local/lsws/conf/website.key

3- paste the the certificate and key path into the SSL section under the Virtual Hosts


4- restart OLS

 

[saz99]

Thanks, I will try it and let you know if it works or not

 

[iMydl.com]

I think you should try modifying the .conf file of the virtual host. This file should support dual certificates. In addition, CloudFlare's strict SSL only requires a qualified SSL certificate on the server side, and does not require CloudFlare's own SSL certificate. of!