# Self-Signed SSL Certificate Warning

EasyDCIM automatically generates a self-signed SSL certificate during installation. This certificate allows HTTPS to work immediately, but browsers and external systems may display a security warning because the certificate is not issued by a trusted Certificate Authority.

# Symptoms

You may see warnings such as:

  • Your connection is not private,
  • NET::ERR_CERT_AUTHORITY_INVALID,
  • certificate not trusted,
  • API clients refusing the connection unless certificate verification is disabled.

# Why This Happens

The default certificate is self-signed. It is useful for the first login, lab environments, and internal testing, but it should not be used as the final production certificate.

For production, replace it with one of the following:

  • a free Let's Encrypt certificate,
  • a paid or custom SSL certificate from your Certificate Authority.

If your EasyDCIM panel has a public domain pointing to the server, install a Let's Encrypt certificate:

sudo easydcim-control app ssl letsencrypt install panel.example.com

To renew it manually:

sudo easydcim-control app ssl letsencrypt renew

If you already have paid/custom certificate files, install them with:

sudo easydcim-control app ssl install /etc/ssl/mydomain/fullchain.pem /etc/ssl/mydomain/privkey.pem panel.example.com

# More Information

See: Default SSL certificate.