Letsencrypt has replaced most use cases. Rewrite article with new directions.

Perform the preceding update in /etc/ssl then restart the dovecot and postfix daemons.

Update the following files with the crt and SoCS private key. Proxmox automatically references these file names so no configuration is required.

/etc/pve/nodes/<node name>/pveproxy-ssl.pem
/etc/pve/nodes/<node name>/pveproxy-ssl.key

Restart the Panel and confirm that the cert is being loaded. Note that chrome seems not to want to mark the site as 'secure' unless you open a new tab, seems like a browser bug.

$ systemctl restart pveproxy
$ journalctl -b -u pveproxy.service | tail