This process will ensure your VestaCP admin area is secured with a Lets Encrypt SSL which will autorenew (set and forget).
Add your server hostname (e.g server.yourhostname.com) as a web domain in the ‘Web’ section of your VestaCP panel. Go into your newly created web domain and tick ‘SSL Support’ and ‘Lets Encrypt Support’. Verify that the domain shows ‘SSL Support: Lets Encrypt’ in the domain list before moving on
Now ssh your Vestacp server and as root and do the following
Set your hostname as a shell variable
HOSTNAME='server.yourhostname.com'
Set the host certificate for the user admin. If you don’t use the default ‘admin’ username update the command below with your username.
v-update-host-certificate admin $HOSTNAME
Lastly set vesta to reload the SSL when it is automatically renewed
echo "UPDATE_HOSTNAME_SSL='yes'" >> /usr/local/vesta/conf/vesta.conf
The above should ensure your panel is always secured with SSL