How to secure VestaCP admin panel with Lets Encrypt SSL

This process will ensure your VestaCP admin area is secured with a Lets Encrypt SSL which will autorenew (set and forget).

Add your server hostname (e.g as a web domain in the ‘Web’ section of your VestaCP panel. Go into your newly created web domain and tick ‘SSL Support’ and ‘Lets Encrypt Support’. Verify that the domain shows ‘SSL Support: Lets Encrypt’ in the domain list before moving on

Now ssh your Vestacp server and as root and do the following

Set your hostname as a shell variable


Set the host certificate for the user admin. If you don’t use the default ‘admin’ username update the command below with your username.

v-update-host-certificate admin $HOSTNAME

Lastly set vesta to reload the SSL when it is automatically renewed

echo "UPDATE_HOSTNAME_SSL='yes'" >> /usr/local/vesta/conf/vesta.conf

The above should ensure your panel is always secured with SSL