These notes are based on this.
Install GIT and BC.
sudo apt-get install git bc
Get the latest version of LetsEncrypt using GIT, placing it in /opt/.
sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
For the next step, we’re going to need access to Port 80, so temporarily shut down your webserver.
service lsws stop
cd /opt/letsencrypt ./letsencrypt-auto certonly --standalone -d example.com # You can include multiple "-d blah.com" strings to certify multiple domains
The first time this runs, it’s going to ask for an e-mail address.
If everything worked correctly, you’ll find your certificate files here:
example.com is your domain name.
Next, inside your OpenLiteSpeed configuration, go in to your Listener->SSL settings. Add or modify them as follows:
Chained Certificate: Yes
The rest of the fields should be blank.
That’s it. Start the server.
service lsws start
Updating your certificates
Your certificate is good for 90 days, but it’s recommended you update it every 60.
Updating is exactly the same as requesting, and requires you free up Port 80!
cd /opt/letsencrypt ./letsencrypt-auto certonly --standalone -d example.com
That will overwrite the certificate. The new certificate will be good for another 90 days.
I haven’t automated this myself yet, but there are suggestions how to do this in the article linked at the top.