Prerequisites
Before securing HestiaCP with SSL, make sure you have:
- SSH access to your VPS
- A domain name pointing to your server IP
- Root or sudo privileges
Method 1: Using Let's Encrypt (Recommended)
Step 1: Connect to Your VPS
ssh hxroot@YOUR_SERVER_IP -p 22Step 2: Add a Domain for HestiaCP
If you haven't already, add a subdomain for your control panel (e.g., cp.yourdomain.com) in HestiaCP or via DNS.
Step 3: Install SSL Certificate via Command Line
/usr/local/hestia/bin/v-add-letsencrypt-domain admin cp.yourdomain.com ' ' yesStep 4: Update HestiaCP Configuration
nano /usr/local/hestia/conf/hestia.confAdd or update:
WEB_SSL='yes'
WEB_SSL_CERT='/home/admin/conf/web/ssl.cp.yourdomain.com.pem'
WEB_SSL_KEY='/home/admin/conf/web/ssl.cp.yourdomain.com.key'Step 5: Restart HestiaCP
systemctl restart hestia
systemctl restart hestia-nginxMethod 2: Using Custom SSL Certificate
Upload your certificate files to the server, then run:
/usr/local/hestia/bin/v-add-web-domain-ssl admin cp.yourdomain.com /path/to/certificate.crt /path/to/certificate.keyMethod 3: Via HestiaCP Web Interface
- Log in to HestiaCP
- Go to WEB → Click on your domain
- Scroll to SSL Support
- Click Install/Update SSL Certificate
- Select "Get automatic certificate from Let's Encrypt"
- Click Save
Verify SSL Installation
After configuration, access HestiaCP at:
https://cp.yourdomain.com:8083You should see a valid SSL certificate (padlock icon).
✅ HestiaCP is now secured with a valid SSL certificate!