Home Features Pricing
Resources
Documentation Blog Support How It Works Roadmap Feature Requests Verify License
Company 🟢 Live Demo
Free Trial Get License
Back to Blog
Tutorial

How to Set Up Free SSL Certificates with Let's Encrypt on HPanel

HPanel Team March 2, 2026 7 min read
How to Set Up Free SSL Certificates with Let's Encrypt on HPanel

SSL is No Longer Optional

In 2026, SSL is a baseline requirement for every website. Google Chrome marks non-HTTPS sites as "Not Secure", search engines penalize them in rankings, and visitors lose trust. Thanks to Let's Encrypt, SSL certificates are free — and HPanel makes management completely automatic.

Automatic SSL on HPanel

When you add a domain to HPanel, an SSL certificate is automatically provisioned:

  1. Domain is added to HPanel
  2. HPanel verifies domain ownership via HTTP-01 challenge
  3. Let's Encrypt issues a certificate valid for 90 days
  4. Certificate is installed in Nginx configuration
  5. HTTP to HTTPS redirect is enabled
  6. Auto-renewal runs 30 days before expiry

No manual steps required — it just works.

Wildcard SSL Setup

For wildcard certificates (*.yourdomain.com), DNS-01 challenge is required:

  1. Go to HPanel → SSL Certificates
  2. Click Request Wildcard SSL
  3. HPanel will show a DNS TXT record to add
  4. Add the record to your domain's DNS
  5. Click Verify & Issue

Forcing HTTPS

HPanel enables HTTPS redirect by default, but you can also enforce it at the Nginx level:

server {
    listen 80;
    server_name yourdomain.com www.yourdomain.com;
    return 301 https://$server_name$request_uri;
}

HSTS (HTTP Strict Transport Security)

HSTS tells browsers to always use HTTPS for your domain:

add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

Enable HSTS in HPanel → SSL → Advanced Settings.

Troubleshooting SSL Issues

"Domain Not Pointing to Server" Error

Let's Encrypt needs to reach your server via HTTP. Make sure:

  • DNS A record points to your HPanel server IP
  • Port 80 is open in your firewall
  • No CDN or proxy is blocking the .well-known/acme-challenge path

"Too Many Certificates" Rate Limit

Let's Encrypt limits 50 certificates per domain per week. If you hit this limit, wait 7 days or use a wildcard certificate instead.

Mixed Content Warnings

After enabling SSL, your site may show "mixed content" warnings if some resources (images, scripts) still load via HTTP. Fix by:

  • Updating hardcoded http:// URLs to https:// in your CMS
  • Using relative URLs or protocol-relative URLs
  • Running a search-and-replace in WordPress using WP-CLI or a plugin

SSL Labs Score

With HPanel's default SSL configuration, you automatically get an A+ rating on SSL Labs:

  • TLS 1.2 and 1.3 only (older protocols disabled)
  • Strong cipher suites with forward secrecy
  • OCSP stapling enabled
  • HSTS with preload support

Conclusion

SSL management on HPanel is fully automated. From certificate issuance to renewal, HTTPS redirect to HSTS — everything is handled without manual intervention. Your clients get enterprise-grade SSL security at zero cost.

Related Articles

• Best cPanel Alternatives in 2026

DirectAdmin vs cPanel vs HPanel Comparison

Best Linux Hosting Control Panels