Incorrect SSL Certificate being used

I have a problem with getting the correct SSL certificate to be used by the virtual host/domain, I’ve installed a GoDaddy SSL Certificate in the Manage SSL Certificate I put the files on the server in the home directory and selected these using the File on server method in the Update Certificate and Key all appeared to work OK and in the CA Certificate it shows GoDaddy however in the Current Certificate tab it still says Self-signed. When I try and view a file in the website with https it complains saying the certificate isn’t valid and when I view the certificate in the browser it appear to the the self signed for the server IP not the GoDaddy one?

Operating system CentOS Linux 5.10 Webmin version 1.660 Virtualmin version 4.03.gpl GPL


It’s difficult to say what the exact issue might be, but one thing you could try is to re-add the certificate.

First, I’d suggest making a backup of the various “ssl.*” files in your Virtual Server home directory.

Once you do that, try going into Server Configuration -> Manage SSL Certificates -> Apply Signed Certificate, and there, try copying and pasting your SSL certificate into the textbox there.


Hi Eric,

I don’t seem to have the Apply Signed Certificate option?



Tried reinstalling didn’t work also looking at the ssl.conf file noticed these:

Server Certificate:

Point SSLCertificateFile at a PEM encoded certificate. If

the certificate is encrypted, then you will be prompted for a

pass phrase. Note that a kill -HUP will prompt again. A new

certificate can be generated using the genkey(1) command.

SSLCertificateFile /etc/pki/tls/certs/localhost.crt

Server Private Key:

If the key is not combined with the certificate, use this

directive to point at the key file. Keep in mind that if

you’ve both a RSA and a DSA private key you can configure

both in parallel (to also allow the use of DSA ciphers, etc.)

SSLCertificateKeyFile /etc/pki/tls/private/localhost.key

Tried commenting out in case it helped and rebooted now see to have a critical issue where apache won’t start (so tried uncommenting again makes no difference) getting the message

Failed to start apache :
Starting httpd: [Wed Mar 05 16:04:34 2014] [warn] module version_module is already loaded, skipping
[Wed Mar 05 16:04:34 2014] [warn] VirtualHost overlaps with VirtualHost, the first has precedence, perhaps you need a NameVirtualHost directive
(98)Address already in use: make_sock: could not bind to address [::]:80
(98)Address already in use: make_sock: could not bind to address
no listening sockets available, shutting down
Unable to open logs


OK I’ve managed to get Apache running again however I have the continued issue of the site not seeming to be using the correct SSL certificate is there somewhere that might include a server self-signed certificate that would take precedence over the one for the virtual host i believe the server is using the file held here /etc/pki/tls/certs ?

Also I’ve found in the logs…

[Wed Mar 05 17:29:17 2014] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Mar 05 17:29:17 2014] [warn] RSA server certificate CommonName (CN) `XX.XX.189.235’ does NOT match server name!?

The IP stated in the logs does not match the actual server IP XX.XX.190.35 the IP `XX.XX.189.235’ appears to be coming from the localhost.crt from this path /etc/pki/tls/certs as I’ve decoded the cert using and this confirms the incorrect IP?

That warning you’re seeing should be okay… any relevant SSL errors would be in $HOME/logs/error_log.

Rather than the “Apply certificate” tab, you could instead paste in your SSL into the “Update Certificate and Key” tab.

When you add your SSL cert, be sure to copy and paste it into the textbox, rather than pointing it to a file on your filesystem.

While in theory either should work, copying and pasting it there is a troubleshooting step that will rule out a few things.


OK I’ve tried every which way I can see of doing this now and the only way I’ve been able to get the ‘correct’ certificate to be used is to edit the /etc/httpd/conf.d/ssl.conf directly and hard code the sites certificates into this. Any ideas why it won’t work via Virtualnin?