Let's Encrypt certificate for Virtualmin host itself? [SOLVED]

SYSTEM INFORMATION
OS type and version Ubuntu 18.04
Webmin version 1.990
Cloudmin version N/A
Virtualmin version 6.17-3 Pro

I am using Webmin 1.990 and Virtualmin 6.17-3 Pro on a Ubuntu 18.04 VPS.

I have Let’s Encrypt certificates working (and automatically renewing) for all the Virtualmin servers.

I would like to install a Let’s Encrypt certificate for my Webmin/Virtualmin console.

I would also like to experiment with a Let’s Encrypt certificate for a “silly website” I also run on that server. I’m hopeful that I could combine that server’s dns name into the Webmin certificate.

Where an I find documentation for doing this? Many thanks.

This might do the trick:

  1. create a virtual server with the hostname of the Virtualmin server
  2. apply a SSL certificate
  3. access Virtualmin on port 10000 of the hostname

Or don’t do 1 through 3 and access Virtualmin on port 10000 of any domain that is currently hosted on that server.

Why? Just login to Webmin on the hostname of one of your Virtualmin managed domains. Webmin will use the cert for that domain name.

Webmin can request Let’s Encrypt certs for itself in Webmin the Webmin SSL configuration page, but it’s trickier, since it has less certainty about how things are setup than Virtualmin does.

I think this is automatically done during Virtualmin installation, if it can be done and the hostname resolves. (This automatic domain is a “free” domain for Pro users. And it can’t have mail, for some technical reasons that are the same reasons we tell people don’t name your server the same as a domain you’ll be managing in Virtualmin.)

I’m ambivalent about whether this is a good feature (mostly leaning toward “not a good feature”, but Ilia and Jamie like it, so it stays). I think I prefer keeping things simple and just using Virtualmin domain names to login to Virtualmin. Then you don’t have to ever think about the name of the server itself…which is mostly irrelevant.

Kaboom! (Sound of a mind exploding! :slight_smile: )

Works a treat! I just used https://one-of-my-other-domains:1234 (where 1234 is the port for my Webmin instance…)

Thanks, Joe!

1 Like

because cloudflare rejects connection other than on port 80 and 443.
I now created a sub server on nginx, with this conf to overcome this problem:

	location / {
        proxy_set_header   X-Forwarded-For $remote_addr;
        proxy_set_header   Host $http_host;
        proxy_pass         "https://127.0.0.1:10000";
		proxy_set_header Host $host; # MAGIC
    }
	location /.well-known/acme-challenge/ {
	allow all;
	}

or maybe I should just edit each virtual server and add

	location /webmin {
        proxy_set_header   X-Forwarded-For $remote_addr;
        proxy_set_header   Host $http_host;
        proxy_pass         "https://127.0.0.1:10000";
		proxy_set_header Host $host; # MAGIC
    }

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.