PanelAlpha Documentation
Back Home
Live Demo Get Started

SSL Configuration

Documentation
    Introduction
Getting Started
    Installation Guide Update Guide SSL Configuration Translations
System Configuration
    General Configuration Plans Hosting Servers DNS Servers Email Servers Remote Backups Notifications Automatic SSL Plugins & Themes Background Billing Diagnostic Mode Automatic Tester
Admin Area
    Dashboard Instances Services Users Logs Migrations
Onboarding Methods
    Quick Onboarding Super Quick Onboarding Standard Onboarding
Hosting Servers
    Hosting Scenarios PanelAlpha Engine cPanel Plesk DirectAdmin WP Cloud
DNS Servers
    Cloudflare cPanel DNS Only PowerDNS
Email Servers
    Mailcow cPanel
Billing Systems Integrations
    PanelAlpha WordPress Hosting For WHMCS
Integrations
    Atarim AWStats Matomo Google Analytics Let's Encrypt Google PageSpeed Insights DB-IP Extendify WithoutDNS
Client Area - Instances
    List of Instances Creating New Instance Importing Existing Instance Instance Details Changing Domain Sharing Instances Monitoring Backups Plugins Advanced Settings
Client Area - Hosting
    Summary Domains FTP Accounts MySQL Databases Cron Jobs File Manager DNS Zone Editor Email Addresses Email Forwarders

# SSL Configuration

  • Overview
  • Prerequisites
  • Let's Encrypt SSL Certificate
    • Installation Process
    • Certificate Renewal
  • Custom SSL Certificate
    • Installation Process
    • Certificate Renewal
  • Post-Installation Configuration
    • Update PanelAlpha URLs
    • Verify SSL Installation
  • Common Problems

This guide will walk you through configuring SSL certificates for your PanelAlpha installation. SSL certificates are essential for securing connections to your PanelAlpha platform.

# Overview

PanelAlpha can operate using either a domain name or an IP address. When using a domain name, you can configure SSL certificates to secure HTTPS connections. This guide covers two methods:

  • Let's Encrypt certificates - Free SSL certificates with automatic renewal
  • Custom certificates - Use your own SSL certificates from any certificate authority

# Prerequisites

Before configuring SSL certificates, ensure you have:

  1. Root access to your server via SSH
  2. Domain name properly configured (if using domain-based SSL)
  3. DNS resolution pointing to your server's IP address
  4. Firewall configuration allowing ports 80 and 443

# Let's Encrypt SSL Certificate

Let's Encrypt provides free SSL certificates with automatic renewal capabilities. This is the recommended option for most users.

# Installation Process

  1. Access your server via SSH with root privileges:

    ssh root@your-server-ip
    
  2. Verify DNS resolution - Ensure your domain correctly resolves to your server's IP address:

    nslookup your-domain.com
    
  3. Check firewall settings - Ensure ports 80 and 443 are not blocked by your firewall.

  4. Stop PanelAlpha temporarily to free up port 80:

    docker compose -f /opt/panelalpha/app/docker-compose.yml down
    
  5. Request the SSL certificate using certbot:

    docker run -it --rm --name certbot \
    -v "/etc/letsencrypt:/etc/letsencrypt" \
    -v "/var/lib/letsencrypt:/var/lib/letsencrypt" \
    -p 80:80 \
    certbot/certbot certonly --standalone \
    --cert-name panelalpha-app \
    -d YOUR_DOMAIN
    

    Important: Replace YOUR_DOMAIN with your actual domain name.

  6. Complete the certificate request by following the terminal prompts:

    • Enter your email address
    • Accept the Terms of Service
  7. Configure PanelAlpha to use the certificates:

    sed -i~ '/^SSL_CERT_FULLCHAIN=/s#=.*#=/etc/letsencrypt/live/panelalpha-app/fullchain.pem#' /opt/panelalpha/app/.env
    
    sed -i~ '/^SSL_CERT_PRIVKEY=/s#=.*#=/etc/letsencrypt/live/panelalpha-app/privkey.pem#' /opt/panelalpha/app/.env
    
  8. Restart PanelAlpha to apply the SSL configuration:

    docker compose -f /opt/panelalpha/app/docker-compose.yml up -d
    

# Certificate Renewal

Let's Encrypt certificates expire every 90 days and need to be renewed. PanelAlpha provides an automated renewal script.

To renew your Let's Encrypt certificate:

bash /opt/panelalpha/app/letsencrypt-renew.sh

Wait for the confirmation message in the terminal to ensure successful renewal.

Automated Renewal Setup:

For automatic renewal, you can set up a cron job:

# Add to crontab to check for renewal twice daily
0 12,0 * * * /opt/panelalpha/app/letsencrypt-renew.sh >/dev/null 2>&1

# Custom SSL Certificate

If you have an SSL certificate from a commercial certificate authority or prefer to use your own certificates, follow these steps:

# Installation Process

  1. Access your server via SSH with root privileges:

    ssh root@your-server-ip
    
  2. Prepare your certificate files - Ensure you have:

    • Full chain certificate file (includes your certificate and intermediate certificates)
    • Private key file
  3. Stop PanelAlpha temporarily:

    docker compose -f /opt/panelalpha/app/docker-compose.yml down
    
  4. Configure PanelAlpha to use your certificates:

    sed -i~ '/^SSL_CERT_FULLCHAIN=/s#=.*#=/path/to/fullchain#' /opt/panelalpha/app/.env
    
    sed -i~ '/^SSL_CERT_PRIVKEY=/s#=.*#=/path/to/privatekey#' /opt/panelalpha/app/.env
    

    Important: Replace /path/to/fullchain and /path/to/privatekey with the actual paths to your certificate files.

  5. Restart PanelAlpha to apply the SSL configuration:

    docker compose -f /opt/panelalpha/app/docker-compose.yml up -d
    

# Certificate Renewal

Custom certificates need to be manually renewed when they expire. The renewal process involves:

  1. Obtaining new certificates from your certificate authority
  2. Updating the certificate files on your server
  3. Following the installation process above with the new certificate paths

# Post-Installation Configuration

# Update PanelAlpha URLs

After installing SSL certificates, update your PanelAlpha configuration to use HTTPS URLs:

  1. Access the PanelAlpha admin panel
  2. Navigate to System Configuration → General Configuration
  3. Update the following settings:
    • Application URL - Change to https://your-domain.com
    • Admin URL - Change to https://your-domain.com:8443

For detailed instructions, see the General Configuration documentation.

# Verify SSL Installation

After completing the SSL configuration:

  1. Test HTTPS access by visiting https://your-domain.com
  2. Check certificate validity using online SSL checker tools
  3. Verify automatic HTTP to HTTPS redirection
  4. Test the admin panel access via HTTPS

# Common Problems

If you encounter any issues during the update process, please refer to our Troubleshooting Center for common problems and solutions.

For additional support, contact our support team (opens new window).