SSL Configuration Issue with Multiple Virtual Hosts in OpenLiteSpeed

Question

I’m having trouble configuring SSL for two virtual hosts on an OpenLiteSpeed server. I have set up two virtual hosts, each with its own SSL certificate. My listener on port 443 has the ‘Secure’ field set to ‘Yes’.

However, HTTPS requests do not work unless I define an SSL certificate at the listener level, which isn’t ideal because the server only serves the certificate for one of my virtual hosts when I do this. If I configure the SSL at the virtual host level, which should be the correct practice (since I want each virtual host to serve a different certificate using SNI), the HTTPS version of my websites doesn’t load at all.

So in summary currently my listener listens on port 443 with field secure set to yes and my virtual hosts set correctly with their respective SSL configurations. It seems that Virtual Host level SSL doesn't work at all and just listener level SSL works.

Answer 1

Set up SSL for Virtual Hosts

OpenLiteSpeed supports Server Name Indication (SNI), allowing users to set SSL certificates at the virtual host level. To set up SSL for our Example2 virtual host:

1. Navigate to Virtual Hosts > Example2 > SSL > Edit SSL Private Key & Certificate

2. Update the new SSL settings with the following example as a guide, using your file paths:

   • Private Key File = /usr/local/lsws/conf/example.key
   • Certificate File = /usr/local/lsws/conf/example.crt
   • Chained Certificate = Not Set

Note 1: There is no need to set an additional listener for different domains or SSL

Note 2: Even if you have SSL set up in the virtual host, you do not want to leave the port 443 listener’s SSL empty

Refer from OLS Docs

Above setting works from my test by the way, hope it helps.