# Self-Signed SSL Certificate Warning
EasyDCIM automatically generates a self-signed SSL certificate during installation. This certificate allows HTTPS to work immediately, but browsers and external systems may display a security warning because the certificate is not issued by a trusted Certificate Authority.
# Symptoms
You may see warnings such as:
Your connection is not private,NET::ERR_CERT_AUTHORITY_INVALID,- certificate not trusted,
- API clients refusing the connection unless certificate verification is disabled.
# Why This Happens
The default certificate is self-signed. It is useful for the first login, lab environments, and internal testing, but it should not be used as the final production certificate.
For production, replace it with one of the following:
- a free Let's Encrypt certificate,
- a paid or custom SSL certificate from your Certificate Authority.
# Recommended Fix
If your EasyDCIM panel has a public domain pointing to the server, install a Let's Encrypt certificate:
sudo easydcim-control app ssl letsencrypt install panel.example.com
To renew it manually:
sudo easydcim-control app ssl letsencrypt renew
If you already have paid/custom certificate files, install them with:
sudo easydcim-control app ssl install /etc/ssl/mydomain/fullchain.pem /etc/ssl/mydomain/privkey.pem panel.example.com
# More Information
See: Default SSL certificate.