Panel certs seem to be a little buggy at times. Here's how I setup SSL using nginx proxies.
- Keep SSL disabled for the panel.
- Create a nginx webserver, with the domain you want. Force HTTPS and generate a cert.
- Go into reverse proxy and point to http://127.0.0.1:8888
- Now you may access the panel using the domain.
If you want to keep the security entry and hide it, here's my nginx reverse proxy config:
#PROXY-START/
location ~* \.(php|jsp|cgi|asp|aspx)$
{
proxy_pass http://127.0.0.1:8888;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
}
location /
{
proxy_pass http://127.0.0.1:8888;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
#Persistent connection related configuration
add_header X-Cache $upstream_cache_status;
#Set Nginx Cache
add_header Cache-Control no-cache;
expires 12h;
}
location /login
{
# Replace the entry pass below
proxy_pass http://127.0.0.1:8888/7b8f0u9e/;
proxy_set_header Host $host;
}
#PROXY-END/
I recommend this config as you don't need to disable ip address logging in. As a domain bind could break due to many reasons, locking you out, as you've found. It'll also require the password when a port crawler attempts to login, and it's completely transparent when using the domain.