Why SSL Matters
Using SSL (HTTPS) encrypts the connection between your users and your panel. This is crucial not only for security but also for compatibility with modern browsers and players that block insecure (HTTP) content. This guide covers pointing your domain, generating a certificate, and configuring Nginx.
1Step 1: Prerequisites
Before starting, ensure you have a valid domain name pointed to your server's IP address. You also need to install the Certbot tool, which creates the certificates.
Run the following commands to install Certbot:
2Step 2: Generate the Certificate
Now, generate the SSL certificate for your domain. Replace yourdomain.com with your actual domain.
If successful, Certbot will confirm that your certificate keys have been saved to /etc/letsencrypt/live/yourdomain.com/. Make a note of this path.
3Step 3: Update Nginx Binary
The default Nginx installed with Xtream UI may not support modern SSL/HTTP2 standards. It is highly recommended to replace the binary with an updated version compiled for Xtream UI.
Important: Back up your existing nginx binary before proceeding.
4Step 4: Configure Nginx
You need to tell Nginx to listen on port 443 (HTTPS) and where to find your certificates. Open your Nginx configuration:
Add or modify the server block. It should look similar to this example:
5Step 5: Update Database Settings
For the panel to generate HTTPS links for your streams and M3U playlists, you must update the database settings. Run the following command:
You will be prompted for your MySQL root password (often found in your config.php if you forgot it).
6Step 6: Test and Reload
Verify that your Nginx configuration syntax is correct:
If the test is successful, restart the services to apply changes:
Don't forget to renew your certificate every 90 days using sudo certbot renew.