Skip to main content
← All Guides
Pterodactyl · 5 min read

How to Set Up SSL for Pterodactyl Panel

Secure your Pterodactyl Panel and Wings daemon with free Let's Encrypt SSL certificates using Certbot and Nginx.

Why SSL Matters for Pterodactyl

Without SSL, every password and API token between your browser and the Pterodactyl Panel travels in plain text. Adding an SSL certificate encrypts that traffic and eliminates browser security warnings. Let's Encrypt provides free certificates, and Certbot handles renewals automatically.

Prerequisites

  • A running Pterodactyl Panel behind Nginx (see our install guide)
  • A domain name pointing at your panel IP
  • Port 80 and 443 open in your firewall

Step 1: Install Certbot

sudo apt install -y certbot python3-certbot-nginx

Step 2: Obtain the Certificate for the Panel

Run Certbot with the Nginx plugin. It will modify your server block to redirect HTTP to HTTPS and configure the ssl pterodactyl panel settings for you:

sudo certbot --nginx -d panel.yourdomain.com

Follow the prompts, agree to the terms, and Certbot writes the certificate files to /etc/letsencrypt/live/panel.yourdomain.com/.

Step 3: SSL for Wings

If Wings runs on the same machine as the panel, you can reuse the same certificate by pointing the Wings config.yml at the Letsencrypt paths:

api:
  ssl:
    enabled: true
    cert: /etc/letsencrypt/live/panel.yourdomain.com/fullchain.pem
    key: /etc/letsencrypt/live/panel.yourdomain.com/privkey.pem

If Wings is on a different machine, run Certbot on that machine with the Wings FQDN:

sudo certbot certonly --standalone -d node1.yourdomain.com

Then update the config.yml accordingly and restart Wings.

Step 4: Automatic Renewal

Certbot installs a systemd timer that renews certificates before they expire. Verify it is active:

sudo systemctl status certbot.timer

If you want to test a dry run:

sudo certbot renew --dry-run

Troubleshooting

  • Port 80 blocked: Certbot's HTTP challenge needs port 80. Open it in your firewall temporarily or use the DNS challenge instead.
  • Nginx config errors: Run sudo nginx -t after Certbot modifies the config to catch syntax issues.
  • Wings still complains: Make sure the remote URL in config.yml starts with https://. Restart Wings after any change.

With ssl pterodactyl panel properly configured, all traffic between your browser, the panel, and Wings is encrypted. For scheduling maintenance around certificate renewals, see the Pterodactyl schedules guide.

Skip the panel setup entirely. Astroworld Hosting comes with a full Pterodactyl panel, file manager, console, and scheduling on every plan.

Related Tools & Resources

🔧

Minecraft Tools

Calculators, generators & server tools

🧱

Item Database

Browse all Minecraft items, stats & recipes

⚒️

Crafting Recipes

Visual crafting guides for every recipe