Skip to content

SSL Certificates

The SSL certificate management enables the administration of SSL/TLS certificates for the system's secure HTTPS connection. Certificates can be created automatically via Let's Encrypt or uploaded manually.

Overview

Navigate to Administration --> SSL Certificates. The overview displays all SSL certificates stored in the system along with their validity information.

Columns

Column Description
Certificate Name Name of the certificate (assigned by Certbot).
Domains Domain(s) covered by the certificate.
Expiration Date Certificate validity end date. A warning is displayed for expired certificates.
Certificate Path File path to the certificate on the server.
Key Path File path to the private key.
Actions Action menu for editing or deleting.

Certificate Sources

Let's Encrypt

Let's Encrypt certificates are automatically created and renewed via Certbot.

  1. Click New Certificate. An input dialog opens.
  2. Enter the desired domain(s) in the Domains field (comma-separated for multiple domains).
  3. Assign a Certificate Name for identification.
  4. Click Save. The system automatically creates a certificate via Certbot using webroot validation.
  5. After successful creation, the certificate path and key path are automatically stored.

Self-Signed Certificate

For test environments or internal systems, a self-signed certificate can be created.

Manual Upload

Existing certificate files can be uploaded manually:

  • Certificate file (.crt, .pem) -- The SSL certificate.
  • Key file (.key) -- The associated private key.

Typical Workflows

  • Create new certificate: A free, automatically renewable certificate for the system domain is created via Let's Encrypt.
  • Expiration monitoring: The Expiration Date column shows at a glance which certificates are about to expire or have already expired.
  • Renew certificate: Expired Let's Encrypt certificates can be renewed via the Certbot integration.
  • Upload auth file: For domain validation during renewals, an ACME challenge file can be uploaded.

Technical Notes

Expiration Date

Expired certificates lead to browser warnings and can impair access to the system. Monitor expiration dates regularly.

Permissions

Managing SSL certificates requires the basic_setting_admin permission. Only administrators should have access to this area.

  • Let's Encrypt certificates are managed via the system Certbot and use the webroot method for domain validation.
  • The domain must be valid and publicly accessible for automatic certificate creation to work.
  • Self-signed certificates are stored in the /uploads/certs/ directory.