In this short tutorial, you’ll learn the simple steps you need to know in order to install Vesta Control Panel on a server. Additionally, you’ll learn how to install a valid SSL certificate rather than the default self-signed SSL certificate that comes package with Vesta.
Note: I’m assuming that you have already set up your DNS records so that your remote server has a domain name. In this case, I’m using example.com, so please change this to your domain name in any commands below.
Install Vesta Control Panel
First make sure you are using a supported operating system as indicated on the official Vesta Control Panel website. At this time, the following versions are supported.
- RHEL / CentOS 5, 6, 7
- Debian 7, 8, 9
- Ubuntu 12.04 – 18.10
Also make sure your system meets the minimum operation requirements of 512 MB RAM, 20 GB HDD, and a 1 GHz CPU.
After logging into your remote server via ssh, execute the following command to download the Vesta Control Panel installer script.
curl -O http://vestacp.com/pub/vst-install.sh
Next, we can invoke the bash program and execute the shell script.
bash vst-install.sh
The installation process will take up to 15 minutes, but in my experience, it only takes about 5 minutes.
Install an SSL Certificate
After a successful installation, you’ll see the following welcome message.
Congratulations, you have just successfully installed Vesta Control Panel
https://panel.example.com:8083
username: admin
password: password
We hope that you enjoy your installation of Vesta. Please feel free to contact us anytime if you have any questions.
Thank you.
Now if you try to navigate to your control panel, you’ll see a privacy security error stating that your connection is not secure. This is because VestaCP comes default with a self-signed SSL certificate that most modern web browsers don’t trust.
We can easily install an SSL certificate for free using Let’s Encrypt.
First, let’s install Certbot, which is the automated software that issues free Let’s Encrypt certificates.
apt-get install certbot
After certbot is installed, we can request and download an SSL certificate. Please execute the following command and change the domain name to your domain name.
certbot certonly --webroot -w /home/admin/web/panel.example.com/public_html/ -d panel.example.com
After asking you for your email and if you accept their terms, certbot will verify that you indeed do own the domain name and then issue your your SSL certificate.
Next, we must copy the SSL certificate and chain and replace the default VestaCP self-signed certificate. To do this, execute the following commands, and restart the Vesta service.
cp /etc/letsencrypt/live/panel.example.com/fullchain.pem /usr/local/vesta/ssl/certificate.crt cp /etc/letsencrypt/live/panel.example.com/privkey.pem /usr/local/vesta/ssl/certificate.key service vesta restart
Now when you navigate to your Vesta Control Panel in a browser, you won’t see the privacy error anymore.
Start to Use VestaCP
At this point, you now have a secure version of VestaCP installed on your server. If you want a basic overview of what you can do with Vesta Control Panel, check out the video below.
4 Responses
hi Tony . Thank you fir your great tutorial . every steps worked perfectly until when i try to restart vesta i got error:
Job for vesta.service failed because the control process exited with error code.
See “systemctl status vesta.service” and “journalctl -xe” for details
Please man help me as i i am beginner with coding and i have trying to solve this issues for a week now . Thank you in advance
after i check status i have the following result :
starts the vesta control panel
Loaded: loaded (/etc/init.d/vesta; generated; vendor preset: enabled)
Active: failed (Result: exit-code) since Tue 2021-02-02 15:37:31 UTC; 38s ago
Docs: man:systemd-sysv-generator(8)
Process: 6368 ExecStop=/etc/init.d/vesta stop (code=exited, status=0/SUCCESS)
Process: 9259 ExecStart=/etc/init.d/vesta start (code=exited, status=1/FAILURE)
Feb 02 15:37:31 panel.90degree.xyz systemd[1]: Starting LSB: starts the vesta control panel…
Feb 02 15:37:31 panel.90degree.xyz vesta[9259]: Starting vesta-nginx: vesta-nginxnginx: [emerg] SSL_CTX_use_PrivateKey_file(“/usr/local/vesta/ssl/ceFeb 02 15:37:31 panel.90degree.xyz systemd[1]: vesta.service: Control process exited, code=exited status=1
Feb 02 15:37:31 panel.90degree.xyz systemd[1]: Failed to start LSB: starts the vesta control panel.
Feb 02 15:37:31 panel.90degree.xyz systemd[1]: vesta.service: Unit entered failed state.
Feb 02 15:37:31 panel.90degree.xyz systemd[1]: vesta.service: Failed with result ‘exit-code’.
best regards,
Armando
Hi Armando. It looks like your output got cut off but in doing research, it looks like you need to tell Nginx about your SSL cert. Please see https://stackoverflow.com/questions/9380403/what-does-ssl-ctx-use-privatekey-file-problems-getting-password-error-indica
Hi Tony,
Thank you so much for your quick answer and your help. Everything is working perfect now .
Hey Tony
Is this a safe place to host my website keeping SEO in mind for my business