aaPanel enable Panel SSL use Self-signed certificate browser add secure

aaPanel_Kern · Dec 16, 2022

For the safety of your aaPaenl use, we recommend that you enable the panel SSL certificate.

Currently only stable version 6.8.27

Self-signed certificate browser prompts insecure

Check whether baota_root.pfx and root_password.pl exist under the directory /www/server/panel/ssl

illustrate:
baota_root.pfx is the root certificate
root_password.pl is the root certificate password file

If the directory does not exist, you can manually create this directory /www/server/panel/ssl, and then enable Panel SSL. After enabling Panel SSL, if you cannot access the panel, please check whether to use https to access the panel? Try clearing your browser cache or accessing in incognito mode.

If these two files do not exist please check if your aaPanel version is equal to higher than 6.8.27? Otherwise update to the latest official version
If it is an old version upgrade, please close the Panel SSL, it will automatically use http to access the panel, after the jump is complete, re-open the Panel SSL and select the self-signed certificate, and then automatically jump again to use the https access panel, and finally check whether the file exists ?

Settings --> Security --> Panel SSL

1.Open the root_password.pl file and copy the content inside to verify the root certificate password, download the baota_root.pfx file to your local computer

2.Open the baota_root.pfx file on the local computer
After opening, go directly to the next step, the next step

After getting here, paste the contents of the root_password.pl copied before, and then the next step

Select Yes to install certificate

3.After completion, close the browser, then reopen the browser, open the aapanel panel link, you can see the lock icon, and no longer display Not secure

Note: IP access is required. Domain name access will still indicate that it is not safe. It is recommended to use the Let's Encrypt certificate for the domain name

Note: After enable Panel SSL, use https to access the panel, otherwise use http to access the panel

You can also bind the domain to use the certificate of the domain name. For the bound domain name, it is recommended to create a new subdomain on the management website of the domain name provider dedicated to the panel domain.
At the same time, it is recommended not to use the same sub-domain name as the website. For example, the domain name of the website is: aapanel.com You can create an A record named panel, and the A record of the panel is resolved to point to the server IP, and the proxy is disabled. After binding the domain, Paenl SSL can use Let's Encrypt to apply for a certificate, and the panel will automatically generate a site dedicated to renewing the certificate in the website.

aaP_vipegmarketing · Mar 30, 2023

aaPanel_Kern
I Can not found
baota_root.pfx is the root certificate
root_password.pl is the root certificate password file

aaP_vipegmarketing · Mar 30, 2023

aaP_vipegmarketing

aaPanel_Kern · Mar 31, 2023

aaP_vipegmarketing
If it is a self-signed certificate, please close and open panel ssl

aaP_vipegmarketing · Mar 31, 2023

aaPanel_Kern yes i want set ssl for aapanel on cp.vi-ip.cn

aaPanel_Kern · Mar 31, 2023

aaP_vipegmarketing
To use a domain name, you need to bind the domain first. After binding the domain, you need to use the domain name to access the panel, and you cannot use the ip to access the panel.
Close panel ssl Select Let's Encrypt to apply SSL,

aaP_vipegmarketing · Mar 31, 2023

aaPanel_Kern

aaP_vipegmarketing · Mar 31, 2023

aaP_vipegmarketing i have a server snapshot to repeat old setting

aaP_vipegmarketing · Mar 31, 2023

aaP_vipegmarketing aaPanel_Kern what is the mistakes ?

AaaP_enricoroselino · Mar 31, 2023

aaP_vipegmarketing just use nginx proxy manager, ive success setup my panel with cloudflare ssl in proxy mode

aaP_vipegmarketing · Mar 31, 2023

aaP_enricoroselino thanks , but i hope install it normally like vesta cp without third party

AaaP_enricoroselino · Mar 31, 2023

aaP_vipegmarketing
i've asked the same question but apparently this panel only can use self signed (not Lets encrypt or other) at the moment

aaP_vipegmarketing · Apr 2, 2023

aaP_enricoroselino is there a video for the process ?

Ccarlita · Jan 1, 2024

hi!
Baota baota_root.pfx and root_password.pl files are not existant.
I turned SSL off and tirned it back on several times but those files never appear.
Is it important that my browser trust the secure connection? I mean, the protocol is still secure right?
Thanks!

aaPanel_Kern · Jan 2, 2024

Hello, this may be caused by the failure of SSL application. It is recommended that you use a trusted domain name to set up SSL, and then use the domain name for access.

carlita

Ccarlita · Jan 2, 2024

@aaPanel_Kern I see... one last question. I should NOT use a subdomain from a domain i don't want the IP to be visible, right?
I ask because I use Cloudflare, my site is using the proxy option, so only the CF IPs are public. If I use a subdomain of that same domain, I would have to uncheck the proxy.

Thanks again and great year for all of you!

aaPanel_Kern · Jan 3, 2024

Hello, as long as you don’t make your subdomain public, no one will know your IP.

carlita

Ccarlita · Jan 3, 2024

aaPanel_Kern Thank you as usual Kern!

Ccarlita · Jan 4, 2024

aaPanel_Kern Sorry to bother one more time, but unfortunately, if I proxy the subdomain, the panel is not accessible. I need to set "only dns" in Cloudflare to make the panel work with a subdomain.
Is this a Cloudflare or aaPanel limitation? Is there any workaround?

Thanks in advance.