After having deployed own TLS certificate and enabled Strict-Transport-Security on the domain a login to CWPanel is no longer possible as the CWP server is sticking with its own certificate which in turn and logically breaks Strict-Transport-Security. In such scenario the web browser prevents a certificate exception.
Pointing the CWP server manually to the own certificate may break CWP internal processes (e.g. my crypt) which are unknow to the user.
It is rather cumbersome to turn Strict-Transport-Security off and on again for accessing the CWPanel.
CWP should provide an option in the settings to utilize the user's own certificate and automatically rerwite internal path/routines accordingly.