Next question about ssl,
how to use cloudflare ssl with hestiacp?
Cloudflare - protect leaking server ip but when i’m added domain to cloudflare & vestacp it’s working, but when forced ssl on cloudflare side not:
Hello I would like to understand if the le cert ist thought for the panel url itself most it will be some subdomain srv.domain.tld
As it can be done on vestacp
Or is it only for the hosted domains and we have to buy some ssl for the panel itself?
Best regards Markus
Thanks for your request. Please check the v-add-letsencrypt-host command, it will automatically add a valid let’s encrypt ssl certificate for hestia backend.
Thank you for the ultra fast Sunday reply…
Nice hint I will report when I’m at home.
Update:
i cannot believe that it is so easy. great work what you did here. Thank you for that.
It worked, simply enter
v-add-letsencrypt-host
then the letsencrypt cert is used for panel no need to buy some cert elsewhere.
i use ubuntu 18.04 and first time i installed this HestiaCP i encountered the problem with Publickey due to missing gnugp2 package solvable easily with
sudo apt install gnupg2
i have another little problem i think i will open new thread so that others can perhaps benefit from my very good first experience with your software.
Best regards Markus
ok , i have second installation with hestia panel
i upgraded to branch master successfully and now have 1.1.0
by the way the user is quite big in my installation
Hi folks, just as an FYI, I have just installed Hestiacp (ex-vestacp user) and found that the Portal SSL was not encrypted which I thought was odd. I would hope the next release by default, has this enabled.
I was using Debain 10.5 and HestiaCP v1.2.3
I used the above command as root via SSH and it resolved the issue. Since it uses Lets Encrypt, will it automatically update at the end of the 90 days based on the primary site hostname?
Your problem lies in the traffic between Cloudflare and your site. CF has 4 SSL/TLS operation modes. If it is set to OFF or Flexible, CF sends Http requests to the site and when the certificate is connected, a permanent 301 redirect occurs on the site from both sides. If it is set to Full, then the traffic goes only to Https.