This worked on my CentOS 6.x zPanel VPS. I repalced self signed SSL by SSL when accessing cpanel via server hostname. IP still via self signed)

I made sure my hostname is valid FQDN (containing two dots in hostname)

executed command to set my hostname: hostname

Then i verified my hostname is in /etc/hosts filenext to my server IP:
MyServerIPHere vps host1 myonionaddress.onion

then with my server provider i asked them to set my PTR (rDNS) record of my IP to

then i went to and after installing certbot using given instructions i executed command to generate cert. for my hostname:

./certbot-auto certonly -d

Then i had certificate config file in: /etc/letsencrypt/renewal/

i listed that file contents to discover location of my certificate and private key: cat /etc/letsencrypt/renewal/

i copied lines that begins with cert and privkey

I opened default apache SSL configuration file:
vi /etc/httpd/conf.d/ssl.conf

Then hit slash: /
and typed: Cert
and hit enter

Then i commented out default line to look like:
#SSLCertificateFile /etc/pki/tls/certs/localhost.crt

and below added line:
SSLCertificateFile /etc/letsencrypt/live/

Then below is keyfile line that i also commented out to look like:
#SSLCertificateKeyFile /etc/pki/tls/private/localhost.key

and below i added:
SSLCertificateKeyFile /etc/letsencrypt/live/

then exitted editor by :wq and hit enter

and restarted httpd: service httpd restart

i could enter and it shown valid SSL zPanel login screen

setup cronjob to renews SSL automatically:

crontab -e

add to the end of file:
@daily /bin/sh /certbot-auto renew