Prerequisites
Before installing Let's Encrypt SSL, make sure you have:
- Admin access to HestiaCP
- Domain correctly pointing to your server IP
- Port 80 open for validation
Method 1: Install via HestiaCP Web Interface
Step 1: Log in to HestiaCP
https://YOUR_SERVER_IP:8083Step 2: Navigate to WEB Section
Click on WEB in the top menu bar.
Step 3: Select Domain
Click on your domain name.
Step 4: Go to SSL Tab
Click on the SSL tab.
Step 5: Enable SSL Support
Toggle SSL Support to ON.
Click Install/Update Certificate button.
Step 6: Select Let's Encrypt
Choose Get automatic certificate from Let's Encrypt.
Step 7: Confirm
Click Save. The certificate will be issued automatically in seconds.
Method 2: Install via SSH Command Line
ssh hxroot@YOUR_SERVER_IP -p 22/usr/local/hestia/bin/v-add-letsencrypt-domain admin example.com ' ' yesFor multiple domains:
/usr/local/hestia/bin/v-add-letsencrypt-domain admin example.com www.example.com,yourdomain.com yesRenew Let's Encrypt SSL
HestiaCP auto-renews certificates. To manually renew:
/usr/local/hestia/bin/v-check-letsencrypt-domain admin example.comRenew all certificates:
/usr/local/hestia/bin/v-update-letsencrypt-sslVerify SSL Installation
curl -I https://example.comOr online at: https://www.ssllabs.com/ssltest/
Troubleshooting
Domain not resolving: Check DNS records with dig example.com
Port 80 blocked: Check firewall: ufw status
Rate limit exceeded: Let's Encrypt has limits (50 per week per domain). Wait and retry.
✅ Let's Encrypt SSL certificate has been installed!