Cannot access ssl websites

OS type and version REQUIRED
Virtualmin version REQUIRED

Ubuntu Linux 20.04.4
Virtualmin 6.17-3
Webmin 1.984

I am building a new server and have set up webmin and virtualmin on an ubuntu platform.

hostname is
I have set up two virtual servers and I have successfully installed phpmyadmin and Wordpress scripts on both. The first is the primary long term server, the second will eventually disappear and I am using it for comparative testing at the moment.

I have also installed ssl certificates on both servers for domain.tld and subdomains www, electra, ns1 and ns2 (as long term I want the main server to be my Nameservers). These are now propagated and respond to dig.

I have several issues which I will post one at a time.

The first is a problem accessing my websites using https. I have had to disable

Redirect all requests to SSL site

in order to be able to open the site in an http browser. If I use https instead of http the browser hangs and nothing is returned.

However if I enter https://domain.tld:10000 on either site it opens the virtualmin password challenge on the secured site. I cannot log in at the moment but I will come to that later.

The only current way of accessing my virtualmin panel is to go direct to the IP address Using https is fine and I can log in as root. If I use an http access it gives a warning and offers to redirect to which it opens but then as I stated above I cannot login, either with root or the server owner.

Can anyone explain what is happening and how to overcome it please?


Done some more testing. Although firewalld has the https service open, it appears it is not.

Ran some tests on the open ports and got these results:

gjj@JCP-Macbook-Air ~ % nc -zvw10 22
Connection to port 22 [tcp/ssh] succeeded!
gjj@JCP-Macbook-Air ~ % nc -zvw10 443
nc: connectx to port 443 (tcp) failed: Operation timed out

So port 22 is open and confirms that the server is responding to the nc command but port 443 (https) times out.

Have reset the firewall and rebooted the server but no change.

Any solutions?

Well, it is not working for web serving. Again, if I try I get through to virtualmin (and can now log in as root as I fixed the issue).

@GeoffatMM you need to enable ssl functionality for domain - right now it looks to me that ssl for that domain is disabled. ssl for domain:10000 is different stuff.

Well I would like to check but for some reason, every time I reboot the server something happens to the passwords. I now have no ssh or webmin access.

My experience is the more I try to correct issues the deeper the mess becomes so I am cutting out now and going to rebuild the server yet again. I shall go back to Debian 10 and see if I can get the script to work.

Bizarre! Now the passwords are working again. Let’s just assume I typed it wrong 10 times!

Fail2ban i presume?

1 Like

Hi George, Hi Stefan,


I have Apache website enabled ticked for the virtual server.

With Redirect all requests to SSL site set to Yes the site appears to be redirecting properly as it hangs. If I set it to No I can access the site through http.

Are there other ssl settings I need to look at? Looking through the ssl options, it defaults to HTTP/1.1, The access log does not appear to have any issues and the error log has only two entries as follows:

[Mon Feb 28 13:26:24.329597 2022] [ssl:warn] [pid 959:tid 139669041032256] AH01906: server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Mon Feb 28 23:56:06.367776 2022] [core:error] [pid 30802:tid 139668762842880] [client] AH00126: Invalid URI in request POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1

Under User and Group CGI Programs are set to Unix user and Group 1004 (server admin user).

Under SSL Options, all ssl and tsl versions have been ticked (to test if it made any difference).

Under Directive the SSL Engine is set to On.


I am not familiar with fail2ban. I have done nothing to it and this is a vanilla installation.

Looking at it, there is a list of Log Filters but nothing is ticked. Likewise for Match Actions.

Filter Action Jails has the following enabled:

proftpd (which I am not using)
postfix-rbl (?)
qmail-rbl (?)
postfix-sasl (?)

I have looked at but done nothing with the config options.

If I try to restart the server (and this happened somewhere else but cannot for the moment remember where) I get a red message on the page " Error: 302 - Moved Temporarily — restart.cgi"

If I stop the fail2ban server it makes no difference.


The only thing I can see that may be an issue is the CGI warning but that is beyond my capabilities!


Fail2ban config is in Webmin-Networking-Fail2Ban Intrusion Detector. Too many failed connection it will create a ban via FirewallD on the connection for a period of time.


OK thanks Steve.

I think that has happened when I was trying to login in to Virtualmin from the http site ( But that should not prevent the ssl site opening should it?

No, never had a issue with site opening. Check firewallD, just make sure https or 443 is open.
This site says its closed.


My second post raised this. Firewalld says the port is open (service https) but my nc query said it was closed. I reset it and rebooted but it made no difference. Firewalld does not appear to be doing what it says it is. How do I overcome it?


When I reset it, save it to my ethernet device and try to apply the configuration I get this error again (now Remember where I saw it).

Error: 302 - Moved Temporarily — restart.cgi

So something appears to be happening with the CGI setup?


OK I have solved the problem!

I rang ionos my new vps supplier and they have set up a firewall on their side between my server and the internet so whilst port 443 was open in webmin it was blocked on their firewall for my IP address. Just tested some other “open” ports and they too are all blocked!

They do it to close off port 25 from abuse but it seems a sledgehammer to crack a nut to me. so basically I have to replicate any service I want to run in webmin in their firewall first. I have asked them to remove it and just leave port 25 blocked and am waiting to see if the will do so or not.

Sorry to have wasted your time.

This can be considered closed.


Virtualmin is not using the same web server as your websites. There is no useful information provided by Webmin/Virtualmin working. It can work or not work wholly independently of your websites working or not working and for entirely different reasons.

I know this is solved, but I wanted to clarify for any future person looking at this thread.

Hi Joe,

Is this because the websites (virtual servers under Virtualmin) run on the apache server whilst Virtualmin runs an independent server (tht is not listed in the dashboard servers?


It’s not listed because if you can see the dashboard, Virtualmin is obviously up. :wink:

Virtualmin is a module of Webmin, which runs in its own dedicated app server called

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.