lighty的官方文件對SSL配置寫的已經比較詳細了，搞懂SSL簽名流程就可以了

SSL簽名流程如下

下載

apt-get install openssl*

配置原始碼時加上 ./configure --with-openssl --with-openssl-libs=/usr/lib
用 lighttpd -v ,可以看到(ssl)
lighttpd/1.4.28 (ssl) - a light and fast webserver
Build-Date: Dec 24 2010 17:19:54


生成包含私鑰和ca的檔案，自我認證。可以通過第三方鏈條驗證
openssl req -new -x509  -keyout server.pem -out server.pem  -days 365 -nodes

在conf檔案中至少進行如下配置，SSL的預設埠為443

$SERVER["socket"] == ":443" {
       ssl.engine   = "enable"
       ssl.pemfile  = "/home/jli/network/lighttpd-1.4.28/conf/server.pem"
}

在conf檔案中至少進行如下配置，SSL的預設埠為443

$SERVER["socket"] == ":443" {
       ssl.engine   = "enable"
       ssl.pemfile  = "/home/jli/network/lighttpd-1.4.28/conf/server.pem"
}

ssl.engine     enable/disable ssl engine
ssl.pemfile     path to the PEM file for SSL support 包含私鑰和ca認證檔案
ssl.ca-file     path to the CA file for support of chained certificates。
ssl.use-sslv2     enable/disable use of SSL version 2 (lighttpd < 1.4.21 only, newer version don't support SSLv2)
ssl.cipher-list     Configure the allowed SSL ciphers
ssl.verifyclient.activate     enable/disable client verification
ssl.verifyclient.enforce     enable/disable enforcing client verification
ssl.verifyclient.depth     certificate depth for client verification
ssl.verifyclient.exportcert     enable/disable client certificate export to env:SSL_CLIENT_CERT
ssl.verifyclient.username     client certificate entity to export as env:REMOTE_USER (eg. SSL_CLIENT_S_DN_emailAddress, SSL_CLIENT_S_DN_UID, etc.)