diff --git a/backend/app/service/website.go b/backend/app/service/website.go
index 6e9604385..80f2f33e1 100644
--- a/backend/app/service/website.go
+++ b/backend/app/service/website.go
@@ -646,7 +646,7 @@ func (w WebsiteService) OpWebsiteHTTPS(ctx context.Context, req request.WebsiteH
 	}
 	var (
 		res        response.WebsiteHTTPS
-		websiteSSL *model.WebsiteSSL
+		websiteSSL model.WebsiteSSL
 	)
 	res.Enable = req.Enable
 	res.SSLProtocol = req.SSLProtocol
@@ -691,12 +691,13 @@ func (w WebsiteService) OpWebsiteHTTPS(ctx context.Context, req request.WebsiteH
 	}
 
 	if req.Type == constant.SSLExisted {
-		websiteSSL, err = websiteSSLRepo.GetFirst(commonRepo.WithByID(req.WebsiteSSLID))
+		websiteModel, err := websiteSSLRepo.GetFirst(commonRepo.WithByID(req.WebsiteSSLID))
 		if err != nil {
 			return nil, err
 		}
-		website.WebsiteSSLID = websiteSSL.ID
-		res.SSL = *websiteSSL
+		website.WebsiteSSLID = websiteModel.ID
+		res.SSL = *websiteModel
+		websiteSSL = *websiteModel
 	}
 	if req.Type == constant.SSLManual {
 		var (
@@ -756,16 +757,16 @@ func (w WebsiteService) OpWebsiteHTTPS(ctx context.Context, req request.WebsiteH
 		websiteSSL.PrivateKey = privateKey
 		websiteSSL.Pem = certificate
 
-		res.SSL = *websiteSSL
+		res.SSL = websiteSSL
 	}
 	website.Protocol = constant.ProtocolHTTPS
-	if err := applySSL(website, *websiteSSL, req); err != nil {
+	if err := applySSL(website, websiteSSL, req); err != nil {
 		return nil, err
 	}
 	website.HttpConfig = req.HttpConfig
 
 	if websiteSSL.ID == 0 {
-		if err := websiteSSLRepo.Create(ctx, websiteSSL); err != nil {
+		if err := websiteSSLRepo.Create(ctx, &websiteSSL); err != nil {
 			return nil, err
 		}
 		website.WebsiteSSLID = websiteSSL.ID