I followed instructions of this topic: Enabling HTTPS for your Pi-hole Web Interface
So my /etc/lighttpd/external.conf is configured as well:
$HTTP["host"] == "domain.com" {
# Ensure the Pi-hole Block Page knows that this is not a blocked domain
setenv.add-environment = ("fqdn" => "true")
# Enable the SSL engine with a LE cert, only for this specific host
$SERVER["socket"] == ":1080" {
ssl.engine = "enable"
ssl.pemfile = "/etc/letsencrypt/live/domain.com/combined.pem"
ssl.ca-file = "/etc/letsencrypt/live/domain.com/fullchain.pem"
ssl.honor-cipher-order = "enable"
ssl.cipher-list = "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"
ssl.use-sslv2 = "disable"
ssl.use-sslv3 = "disable"
}
# Redirect HTTP to HTTPS
$HTTP["scheme"] == "http" {
$HTTP["host"] =~ ".*" {
url.redirect = (".*" => "https://%0$0")
}
}
}
I also moved the document root folder to /var/www/pihole/admin because I discovered that it was accessible to apache.