After installing Cockpit you will likely end up with certificates that are self-signed and therefore untrusted by default. There is a better way; Let’s Encrypt. NOTE: Through out the article the fully-qualified domain name of the Cockpit server is treated as a variable (e.g., $FQDN). Make sure to either define a similar variable with an appropriate value or replace it when copying the commands. Install certbot First thing is first, install certbot1.