Use Let’s Encrypt certificate in VestaCP


Example for main domain, after the installation of VestaCP, we see the login information:
username: admin
password: xxxxxxxxxxxx

I. Create certificate for main domain (

Step I.1: clone from github

Step I.2: create certificate
See: How to renew Let’s Encrypt certificate on CentOS with NGINX

Ia. Or you can install Let’s Encrypt Wildcard SSL

II. copy or create symlink

Example create symlink:

rm -f /usr/local/vesta/ssl/certificate.crt
rm -f /usr/local/vesta/ssl/certificate.key
ln -s /etc/letsencrypt/archive/ /usr/local/vesta/ssl/certificate.crt
ln -s /etc/letsencrypt/archive/ /usr/local/vesta/ssl/certificate.key

Example copy files:

cp /etc/letsencrypt/archive/ /usr/local/vesta/ssl/certificate.crt 
cp /etc/letsencrypt/archive/ /usr/local/vesta/ssl/certificate.key

III. restart VestaCP

service vesta restart


Use Let’s encrypt for other websites:

I. go to

Check SSL Support and Lets Encrypt Support

You can choose SSL Home is public_html or public_shtml

SSL Support and Lets Encrypt Support

Then click Save

Now you will see in folder /home/admin/conf/web four files:

Like Example 1, you can create Wildcard SSL or standard SSL, and you can copy or make symlinks to theses files

II. restart vesta

service vesta restart

Example 2: Method 2: If you have already the certificate

I. Create file /home/admin/conf/web/ with content:

listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

II. restart nginx

service nginx restart

Leave a Reply