how to set SSL over PORT X ?

[httpd_config.conf]

hello,
we put the line

address                 *:443 *:port1 *:port2

into the file

/usr/local/lsws/conf/httpd_config.conf

but yet the browsers lounches alert when we try open

https://web:port1

or

https://web:port2

how we can fix?
what file we need edit?
thanks

 

[Cold-Egg]

The config you input is probably invalid, here's an example listener. Use web admin to setup if you aren't sure about the syntax,

listener https {
  address                 *:443
  secure                  1
  keyFile                 /usr/local/lsws/conf/example.key
  certFile                /usr/local/lsws/conf/example.crt
  map                     example example.com
}

 

[httpd_config.conf]

hello, we ADD this block of lines into the file

/usr/local/lsws/conf/httpd_config.conf

listener https {
  address                 *:3451
  secure                  1
  keyFile                 /etc/letsencrypt/live/hostname.midomain.com/privkey.pem
  certFile                /etc/letsencrypt/live/hostname.midomain.com/fullchain.pem
  map                     example example.com
}

also we restart LSWS but nothing change.

What we can do for open WITH SSL the URLs:

https://dmain:number_portA

and

https://dmain:number_portB

???

 

[Cold-Egg]

I don't get it, are you able to visit the site with that specific port now? If not, what did you see on the screen?

 

[httpd_config.conf]

thanks master by your help, finally from the file

/usr/local/lsws/conf/httpd_config.conf

following yours instructions we take this fragment of code:

listener SSL {
  address                 *:443
  secure                  1
  keyFile                  /etc/letsencrypt/live/hostname.SLD.TLD/privkey.pem
  certFile                 /etc/letsencrypt/live/hostname.SLD.TLD/fullchain.pem
  certChain               1
  sslProtocol             24
  enableECDHE             1
  renegProtection         1
  sslSessionCache         1
  enableSpdy              15
  enableStapling           1
  ocspRespMaxAge           86400
  map                     SLD.TLD SLD.TLD
}

and we "repeat" the lines with some changes:

listener MYAPP {
  map                     SLD.TLD SLD.TLD
  address                 *:8443
  secure                  1
  keyFile                  /etc/letsencrypt/live/hostname.SLD.TLD/privkey.pem
  certFile                 /etc/letsencrypt/live/hostname.SLD.TLD/fullchain.pem
}

finally we restart VPS and then "oh sorpraise!" now:

https://sld.tld:port

YES LOAD SSL but...
now NOT LOAD MY APP!, load the DEFAULT website

sld.tld

on others words, I get SSL but LOST the REAL content...

how we can fix this problem?


thanks again

 

[httpd_config.conf]

thanks master by your help...

how we can fix this problem?

note:

when we remove the line

map                     SLD.TLD SLD.TLD

then

https://sld.tld:port

load 404 not found page

 

[Cold-Egg]

Use this as an example, map example example.com, which means the example.com domain maps to the example virtual host. So, a 404 is expected if you remove all virtual host mapping.
For the incorrect content, it depends on your virtual hosts's document root settings. See step 5 of this section https://docs.openlitespeed.org/configuration#create-virtual-host-directories

 

[httpd_config.conf]

master as we say in our message #3,
SSL yes load when we put:

listener MYAPP {
  map                     SLD.TLD SLD.TLD
  address                 *:8443
  secure                  1
  keyFile                  /etc/letsencrypt/live/hostname.SLD.TLD/privkey.pem
  certFile                 /etc/letsencrypt/live/hostname.SLD.TLD/fullchain.pem
}

however load the web by default then we lost our "webapp : port"


some idea please?

 

[LiteCache]

@httpd_config.conf

If you change the port for SSL you will loose QUIC feature, because OLS and LSWS expect port 443 for QUIC.

 

[httpd_config.conf]

@httpd_config.conf

If you change the port for SSL you will loose QUIC feature, because OLS and LSWS expect port 443 for QUIC.

thanks,
you can see we not want CHANGE default port SSL.

We only need LOAD por1 and por2 WITH SSL.

how we can do it?