Howdy,
Okay, I believe it’s working now!
Outside of an Apache restart, there shouldn’t have been any additional downtime.
Can you take a look and see if that’s working as you’d expect? Thanks!
-Eric
Hi Eric
It seems to work more accurate know 
What did you do to get it working?
Secondly, it doesn’t look like the intermediate SSL certificate are visible?
I checked it with this tool : http://www.sslshopper.com/ssl-checker.html#hostname=glolinweb001.itoverblik.dk
If it did there will come this “SSL validation” next to the URL in the browser, just like this page we have https://mysqladm.itoverblik.dk/
I used the below procedure (my own) to get the SSL certificate working on the virtualmin GUI page.
#Setup SSL for admin GUI
Log on to putty
openssl genrsa -out key.pem 2048
openssl req -new -key key.pem -out req.pem
Insert the SSL certificate in the cert.pem file
nano cert.pem
Combine the Private key and SSL certificate file
cat key.pem cert.pem temp.pem
Add the Intermediate and ROOT certificate to the temp.pem file
nano temp.pem
Use the template below
-----BEGIN RSA PRIVATE KEY-----
(Your Private Key: your_req.pem)
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
(Your Primary SSL certificate: cert.pem)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Intermediate certificate: DigiCertCA.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Root certificate: http://www.rapidssl.com/legal/)
-----END CERTIFICATE-----
Overwrite the existing selfsigned SSL certificate in the webmin folder
cp temp.pem /etc/webmin/miniserv.pem
Re-start webmin (making sure it is in SSL mode) to use the new key.
/etc/init.d/webmin restart
Could I use the same PEM file to the virtual site glolinweb001.itoverblik.dk?
Thanks for your help so far it is much appreciated.
- Tim
Hi Eric
I managed to install the CA intermediate certificate by doing the following.
Go to Virtualmin -> Select the virtual site -> Server Configuration -> Manage SSL Certificate -> CA Certificate
I then pasted the CA Intermediate certificate in the text box
I know get a successfully SSL chain validation.
http://www.sslshopper.com/ssl-checker.html#hostname=glolinweb001.itoverblik.dk
But I still can’t see the SSL image next to the URL in my browser, strangely enough.
It shows for about 1 second and then disappear just like I am getting redirected somehow?
Secondly, can I force the page to be SSL on the virtual site so that the non SSL viewing of the page is not possible?
- Tim
Howdy,
Well, I think the problem there is that some of the images and links within your site appear to still be using “http” rather than “https”.
You’d either want to change those links to all use “https”, or just use relative links.
As far as redirecting http users to https – you can do that by creating a .htaccess file in your public_html directory, and entering something along the lines of this in there:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
Hi Eric
Off course why the SSL image was not displayed correctly, I should have know that myself 
May I ask what you did to get it working the other day (Friday night).
So that I know what to change when I am going to install server the new server glolinweb002.
Secondly, I will try the above .htaccess
Thanks for your help.
- Tim
Hi Eric
The htaccess file works as intended
- Tim
It seemed that the settings in /etc/httpd/conf.d/ssl.conf were overriding those for your VirtualHost.
Specifically, the self-signed SSL certificate setup there was being used, rather than the commercial cert you purchased.
I tried commenting out the SSLCertificateFile and SSLCertificateKeyFile lines in the ssl.conf in the hopes that it would then use the ones in your VirtualHost config, but that’s when Apache bombed out, as you saw
I’m sure there’s a better way to do this, but rather than subject your users to any additional downtime, what I did is point SSLCertificateFile and SSLCertificateKeyFile in the ssl.conf to point to your new SSL certificate.
-Eric
Hi Eric
I just noticed that the :20000 site is using the self signed certificate as the webmin site on port :10000 did.
How should I activate my own certificate on the usermin site??
Will it be the the same way as you did for my webmin site?
Looking forward to hear from you.
- Tim
You can use your own cert by going into Server Configuration -> Manage SSL Certificates, and click the “Copy to Usermin” button.
-Eric
Hi Eric
I may be blind, I can’t find the above MENU location as described
- Tim
Well, let’s back up a bit… without re-reading this entire thread, I’m going to review some things quick
For using SSL – the easiest way to get that working for your entire server is to first enable SSL in a specific Virtual Server.
You can do that in Edit Virtual Server -> Enable Features, and enable the “SSL” feature there.
Once you do that, you should then have a Server Configuration -> Manage SSL Certificate option for that particular Virtual Server.
You can then add/modify/delete your SSL cert for that Virtual Server from there. But, you can also access some buttons on that screen which allow you to copy that SSL Cert into Webmin, Usermin, Dovecot, and Postfix.
Will that do what you’re after?
-Eric
Hi Eric
I succeeded to export / import the certificate for the main site / servername glolinweb001.itoverblik.dk to the webmin on port 20000
When I visit webmail.ito-hosting.info (test site) I get redirected to http://ito-hosting.info:20000/
But how do I ensure that I get redirected to https://glolinweb001.itoverblik.dk:20000/ instead of https://ito-hosting.info:20000/ so that the SSL certificate is the same as the primary server name / virtual server.
How do I ensure that webmail.domain.tld get’s redirected to https://glolinweb001.itoverblik.dk:20000/
- Tim
Take a look at System Settings -> Server Templates -> Default -> Apache Website – there’s options in there you can use to set where the webmail and admin aliases redirect to.
-Eric
Hi Eric
Thanks for the input, I should have told my self that the solution was in the Apache settings
- Tim