SSL Configuration

Default SSL certificate
Free Let’s Encrypt certificate
- Automatic renewal
Paid or custom SSL certificate
Domain configuration in EasyDCIM
Client Area SSL

In EasyDCIM 1.25.0+, SSL management for the main platform is handled through easydcim-control.

For the general Docker workflow, see Docker Management with easydcim-control.

Default SSL certificate

A self-signed SSL certificate is generated automatically during easydcim-control app install.

For production environments, replace it with either:

a Let’s Encrypt certificate
a paid/custom certificate

Free Let’s Encrypt certificate

To request a certificate for the main EasyDCIM domain, run:

sudo easydcim-control app ssl letsencrypt install panel.example.com

To renew the certificate manually:

sudo easydcim-control app ssl letsencrypt renew

To remove the Let’s Encrypt certificate and return to the default self-signed certificate:

sudo easydcim-control app ssl letsencrypt remove

Automatic renewal

easydcim-control app ssl letsencrypt install configures the renewal workflow automatically. You do not need to run manual Apache or Certbot commands on the host.

Paid or custom SSL certificate

To install your own certificate files, run:

sudo easydcim-control app ssl install /etc/ssl/mydomain/fullchain.pem /etc/ssl/mydomain/privkey.pem panel.example.com

This command:

installs the certificate into the EasyDCIM stack
reloads the application service
updates the EasyDCIM base URL to the provided HTTPS domain

Domain configuration in EasyDCIM

When you use easydcim-control app ssl install or easydcim-control app ssl letsencrypt install, the CLI automatically updates the main EasyDCIM URL.

If you still need to change the URL manually, use shell passthrough:

easydcim-control app shell -- php artisan settings:change "common.url.default" "https://panel.example.com"

If you need to reset the configured URL because the current domain is not working properly, run:

easydcim-control app shell -- php artisan settings:change "common.url.default" ""

Once the domain value is reset, you will be able to access the backend by using the server IP address again.

Client Area SSL

If the Client Area is installed locally on the same host as EasyDCIM, it uses the same SSL configuration as the main EasyDCIM platform.
If the Client Area is installed externally, manage its certificate separately by using the commands described in Client Area Configuration.