By default, CloudPanel generates a
self-signed SSL certificate when you first set up your site. However, a self-signed certificate is not suitable for public websites because browsers will display security warnings.
Recommended options for SSL/TLS certificates:1. Let's Encrypt (Free)
You can easily issue a free certificate from Let's Encrypt directly within CloudPanel:
- Navigate to Actions → select New Let's Encrypt Certificate.
- Enter your domain names and click Create and Install.
Important: Make sure your domain(s) have valid DNS records pointing to your server IP before issuing the certificate.
2. Cloudflare (Free)
If you're already using Cloudflare, you don't need to issue a separate Let's Encrypt certificate. Instead, you can utilize Cloudflare's built-in SSL:
- Enable the Proxy feature for your DNS records in the Cloudflare dashboard.
- Under the SSL/TLS tab in Cloudflare, set the SSL mode to Full.
Recommended security setting:
Enable the option "Allow traffic from Cloudflare only" on your server. This setting ensures that attackers cannot bypass Cloudflare's security protections.
3. Importing Purchased Certificates (Extended Validation, etc.)
In special cases—such as obtaining an
Extended Validation (EV) certificate—you might prefer purchasing your own certificate.
To import a purchased SSL certificate into CloudPanel:
- Go to Actions → select Import Certificate.
- Provide your Private Key, Certificate, and Certificate Chain.
- Click Import and Install.
Summary (Recommendations):- For most users, Let's Encrypt certificates are sufficient, reliable, and free.
- If you're using Cloudflare, leverage its built-in SSL certificates for simplified management.
- Only purchase certificates if your project specifically requires higher validation (EV certificates).
