# SSL Configuration
This guide will walk you through configuring SSL certificates for your PanelAlpha installation. SSL certificates are essential for securing connections to your PanelAlpha platform.
# Overview
PanelAlpha can operate using either a domain name or an IP address. When using a domain name, you can configure SSL certificates to secure HTTPS connections. This guide covers two methods:
- Let's Encrypt certificates - Free SSL certificates with automatic renewal
- Custom certificates - Use your own SSL certificates from any certificate authority
# Prerequisites
Before configuring SSL certificates, ensure you have:
- Root access to your server via SSH
- Domain name properly configured (if using domain-based SSL)
- DNS resolution pointing to your server's IP address
- Firewall configuration allowing ports 80 and 443
# Let's Encrypt SSL Certificate
Let's Encrypt provides free SSL certificates with automatic renewal capabilities. This is the recommended option for most users.
# Installation Process
Access your server via SSH with root privileges:
ssh root@your-server-ip
Verify DNS resolution - Ensure your domain correctly resolves to your server's IP address:
nslookup your-domain.com
Check firewall settings - Ensure ports 80 and 443 are not blocked by your firewall.
Stop PanelAlpha temporarily to free up port 80:
docker compose -f /opt/panelalpha/app/docker-compose.yml down
Request the SSL certificate using certbot:
docker run -it --rm --name certbot \ -v "/etc/letsencrypt:/etc/letsencrypt" \ -v "/var/lib/letsencrypt:/var/lib/letsencrypt" \ -p 80:80 \ certbot/certbot certonly --standalone \ --cert-name panelalpha-app \ -d YOUR_DOMAIN
Important: Replace
YOUR_DOMAIN
with your actual domain name.Complete the certificate request by following the terminal prompts:
- Enter your email address
- Accept the Terms of Service
Configure PanelAlpha to use the certificates:
sed -i~ '/^SSL_CERT_FULLCHAIN=/s#=.*#=/etc/letsencrypt/live/panelalpha-app/fullchain.pem#' /opt/panelalpha/app/.env
sed -i~ '/^SSL_CERT_PRIVKEY=/s#=.*#=/etc/letsencrypt/live/panelalpha-app/privkey.pem#' /opt/panelalpha/app/.env
Restart PanelAlpha to apply the SSL configuration:
docker compose -f /opt/panelalpha/app/docker-compose.yml up -d
# Certificate Renewal
Let's Encrypt certificates expire every 90 days and need to be renewed. PanelAlpha provides an automated renewal script.
To renew your Let's Encrypt certificate:
bash /opt/panelalpha/app/letsencrypt-renew.sh
Wait for the confirmation message in the terminal to ensure successful renewal.
Automated Renewal Setup:
For automatic renewal, you can set up a cron job:
# Add to crontab to check for renewal twice daily
0 12,0 * * * /opt/panelalpha/app/letsencrypt-renew.sh >/dev/null 2>&1
# Custom SSL Certificate
If you have an SSL certificate from a commercial certificate authority or prefer to use your own certificates, follow these steps:
# Installation Process
Access your server via SSH with root privileges:
ssh root@your-server-ip
Prepare your certificate files - Ensure you have:
- Full chain certificate file (includes your certificate and intermediate certificates)
- Private key file
Stop PanelAlpha temporarily:
docker compose -f /opt/panelalpha/app/docker-compose.yml down
Configure PanelAlpha to use your certificates:
sed -i~ '/^SSL_CERT_FULLCHAIN=/s#=.*#=/path/to/fullchain#' /opt/panelalpha/app/.env
sed -i~ '/^SSL_CERT_PRIVKEY=/s#=.*#=/path/to/privatekey#' /opt/panelalpha/app/.env
Important: Replace
/path/to/fullchain
and/path/to/privatekey
with the actual paths to your certificate files.Restart PanelAlpha to apply the SSL configuration:
docker compose -f /opt/panelalpha/app/docker-compose.yml up -d
# Certificate Renewal
Custom certificates need to be manually renewed when they expire. The renewal process involves:
- Obtaining new certificates from your certificate authority
- Updating the certificate files on your server
- Following the installation process above with the new certificate paths
# Post-Installation Configuration
# Update PanelAlpha URLs
After installing SSL certificates, update your PanelAlpha configuration to use HTTPS URLs:
- Access the PanelAlpha admin panel
- Navigate to System Configuration → General Configuration
- Update the following settings:
- Application URL - Change to
https://your-domain.com
- Admin URL - Change to
https://your-domain.com:8443
- Application URL - Change to
For detailed instructions, see the General Configuration documentation.
# Verify SSL Installation
After completing the SSL configuration:
- Test HTTPS access by visiting
https://your-domain.com
- Check certificate validity using online SSL checker tools
- Verify automatic HTTP to HTTPS redirection
- Test the admin panel access via HTTPS
# Common Problems
If you encounter any issues during the update process, please refer to our Troubleshooting Center for common problems and solutions.
For additional support, contact our support team (opens new window).