Bug Report: “File on server” CA Certificate Not Saving in SSL Setup

Virtualmin
1
SYSTEM INFORMATION
OS type and version Linux 6.8.0-88-generic on x86_64
Webmin version 2.610
Virtualmin version 7.50.2 GPL
Webserver version 2.610
Related packages SSL

Issue Summary

When attempting to install an SSL certificate using the “File on server” option in the SSL Setup page, the CA certificate file path is not saved after submitting the form. The .key file loads correctly, but the ca.cer file clears out after clicking Install Now.

Steps to Reproduce

  1. Go to:
    2.Virtualmin → Manage Virtual Server → Setup SSL Certificate*
  2. Under Private key, choose:
    :check_mark: File on server
    Path used:
/home/site/.acme.sh/site.com_ecc/site.com.key
  1. Under CA certificate, choose:
    :check_mark: File on server
    Path used:
/home/site/.acme.sh/site.com_ecc/ca.cer
  1. Click Install Now.

Expected Behaviour

The SSL certificate should be installed using the provided ca.cer file, and the form should retain the selected CA certificate path after installation.

Actual Behaviour

  • The installation runs, but Virtualmin clears the CA certificate field.
  • After the page reloads, the CA certificate text area is empty.
  • SSL installation installs complete, but a missing CA chain.

Hint:

  • check create and update events, i.e when installing SSL Cert for the first time and when updating an exisitng SSL cert
2

where is the real certificate? not the CA one..

3

I applied all three - the real cert, key and CA but only the CA wasn’t effected.

When I checked my /etc/apache2/sites-available/site.com.conf file, I saw this

SSLEngine on
SSLCertificateFile /home/site/.acme.sh/site.com_ecc/site.com.cer
SSLCertificateKeyFile /home/site/.acme.sh/site.com_ecc/site.com.key

So I had to manually update it to

SSLEngine on
SSLCertificateFile /home/site/.acme.sh/site.com_ecc/site.com.cer
SSLCertificateKeyFile /home/site/.acme.sh/site.com_ecc/site.com.key
SSLCertificateChainFile /home/site/.acme.sh/site.com_ecc/ca.cer
4

@Jamie, I can also see this bug. I remember you were fixing a similar issue with the cert and key some time ago, but the CA hasn’t been fixed yet. If you go to “Manage Virtual Server ⇾ Setup SSL Certificate / Update Certificate and Key” tab, select “File on server” for the “CA certificate” section, and just hit Save, even if the file is already set, e.g.:

image
image2438×1496 311 KB

After saving, even if the CA was previously configured correctly, it gets removed from services.

5

Ah yes, I am still working on this.

1 Like
6

Great! Thank you!