Fix VestaCP Admin Panel SSL Certificate Error
VestaCP is an open source free web hosting control panel alternative to cPanel which also has built in features for hosting Websites, Emails, Databases, DNS, SSL Encryption and many more.
OVERVIEW OF THE ISSUE
You can generate Lets Encrypt SSL certificate by VestaCP for the Web Domain used for the VestaCP Admin Panel for free. But you will see the SSL warning, although you have successfully generated it. I will walk you through the steps to fix this issue.
First login to the VestaCP Admin Panel with admin credentials. Then navigate to WEB section and edit the Domain used for the VestaCP Admin Panel. You will see that the Domain has enabled with Lets Encrypt SSL certificate.
FIX FOR THE ISSUE
SSH to your VestaCP server. Then navigate to the directory /home/admin/conf/web. Generated SSL files for the Domain can be found in this directory with the file names started with ssl.[Domain].crt and ssl.[Domain].key.
But the VestaCP Admin Panel content is served from the directory path /usr/local/vesta/ and its default SSL certificate files certtificate.crt and certificate.key are serving from the directory /usr/local/vesta/ssl. Now this is the issue we are experiencing as the default SSL certificate has not been generated from valid certificate authority. So we need to replace these default SSL certificate with the files we have generated from the Lets Encrypt support.
In order to fix this rename the default ssl certificate files certtificate.crt and certificate.key as certtificate.crt_old and certificate.key_old.
Now copy same generated valid certificate files ssl.[Domain].crt and ssl.[Domain].key from /home/admin/conf/web to /usr/local/vesta/ssl. Then rename those as certtificate.crt and certificate.key.
cd /usr/local/vesta/ssl mv certificate.crt certificate.crt_old mv certificate.key certificate.key_old cp /home/admin/conf/web/ssl.[Domain].crt /usr/local/vesta/ssl/certificate.crt cp /home/admin/conf/web/ssl.[Domain].key /usr/local/vesta/ssl/certificate.key
Finally, restart the VestaCP service executing the command.
Now open the web browser and browse the VestaCP Admin Panel URL again. You will see the VestaCP Admin Panel certificate warning issue is now fixed and valid SSL certificate is in placed.
Please note Lets Encrypt certificate is valid for 3 months and you will have to copy the updated file accordingly or add a symbolic links as “Mike Flowers” suggested in the comment section.
That’s it. 😉