Today Admin Panel gives SSL error only if PORT is specified

Everything was running smoothly until today.

I tried to login to my admin panel but I received this message in Chrome/Firefox:

This only happens if I add the port number at the end of the url (

If I remove the port number, I get the placeholder static html page I have created. And the SSL is secure

Also all websites I am running on hestia are working, even the ones using a subdomain of (ex:

I tried to use v-add-letsencrypt-host but it gave me the following error:

Error: WEB_DOMAINS limit is reached :: upgrade user package
Error: web domain doesn’t exist

I removed from /etc/hosts > rebooted > tried 1. v-add-letsencrypt-host again and the command was executed.

But I am still facing the same problem. The port number gives the same SSL error.

I tried in incognito mode, it took me to the login page (but the url said insecure). I was able to login successfully.

I logged out of it, and now I can’t even login with Incognito Mode.

The strange thing is I didn’t change anything since my last login 3 days ago.

Any ideas?

Check what is the certificate used by Hestia:

openssl storeutl -noout -text -certs /usr/local/hestia/ssl/certificate.crt | grep -E 'Issuer:|Subject:|Not\s[AB]|DNS:' | sed 's/^\s*//' | column -t -s ':' -l 2 | sed 's/^Issuer/\nIssuer/'
Issuer       C=US, O=Let's Encrypt, CN=R3
Not Before   Feb 18 04:36:33 2024 GMT
Not After    May 18 04:36:32 2024 GMT

Issuer       C=US, O=Internet Security Research Group, CN=ISRG Root X1
Not Before   Sep  4 00:00:00 2020 GMT
Not After    Sep 15 16:00:00 2025 GMT
Subject      C=US, O=Let's Encrypt, CN=R3

Ok, and do you use to access to Hestia or do you use another domain name?

1 Like

Thanks for getting back to me.

No. I use

The weird thing is that it was working perfectly until yesterday. I didn’t change anything.

Let’s say that you already have the right certificate for so you just need to update the certificate used by your host, I will use the user admin in this example but you should use the user name where is in your Hestia conf

 v-update-host-certificate admin
1 Like

Yup that did it!
Thank you so much for taking the time to help.

Is there any way that I can automate this letsencrypt certificate renewal?

You are welcome.

It should be updated automatically when renewing the certificate.

Check that your user admin has this cron entry:

# crontab -l -u admin | grep ssl
44 2 * * * sudo /usr/local/hestia/bin/v-update-letsencrypt-ssl

Also, you should check that your server hostname is, if it isn’t, the host certificatet won’t be updated automatically.

To check your server’s hostname:

hostname -f
1 Like

Thanks again for replying.

hostname -f outputs

however, hostname (by itself) outputs

One more thing, does the cronjob you mentioned updates all the expiring soon certificates of all the hestia users and domains (including mail certificates)?


That’s weird, show the output of these commands:

cat /etc/hosts
cat /etc/hostname

Yes, that cronjob will update all certificates expiring in less than 31 days, including mail certificates

1 Like

Here it is

myuser@cphestia:~$ cat /etc/hostname
myuser@cphestia:~$ cat /etc/hosts localhost

Edit /etc/hosts file and modify the line to this: cphestia localhost
1 Like

Great thank you.

Can you please explain why I need to include the single “cphestia” entry?

When you give a name to a server, you give it as a short name, in this case, hestiacp and a fqdn (fully qualified domain name), in this case and sometimes you will try to connect directly to the short name so to be able to resolve it, you should add it to /etc/hosts file.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.