Operating system: Ubuntu
OS version: 20.04.2 LTS (Focal Fossa)
Webmin version: 1.973
Virtualmin version: 6.16
TLDR: All http sites load no problem, but https sites time out - SNI issue?
I set up Virtualmin for the first time yesterday, and so far am finding it great. However, despite trawling through hundreds of search results, I have been unable to find a way to set multiple virtualhosts up to use SSL with a single public IP address.
I am issuing TLS certificates using Let’s Encrypt automatically, and Virtualmin says that the certs are successfully generated, and the sites are running over TLS. However, only the first site I set up with a TLS certificate successfully loads over https; all the others receive browser timeouts.
Most of the sites are routing via CloudFlare and receiving a 522: Connection timed out response. However, some are routed directly to the server, and the connections also time out.
Does anyone have any advice on how to set up multiple SSL sites on a single IP address in Virtualmin? I assume it should be fairly trivial but have spent the entire day hitting a brick wall with it.
Check your SSL settings in Cloudflare. Make sure it’s set to Flexible, not Full or Full Strict.
Thanks. Unfortunately that doesn’t seem to work either. Although sometimes the error changes from a “connection timed out” error to a “too many redirects” error.
Make sure it’s set to Flexible, not Full or Full Strict.
Hmm, two of the sites have just started working! Maybe I wasn’t being patient enough when trying that setting earlier. I’ll keep poking around and post an update if that solves it for all sites. Thanks for the tip.
Clear the cache on Cloudflare out completely.
So I seem to be managing to get all of the Cloudflare sites to work now. The other sites which aren’t going through CloudFlare (A records set either with the registrar or through Microsoft) are still not working, but I can make a workaround by pointing everything through CloudFlare if needed.
If the http variant of the site is working, but https is not, I’d think you’re already hitting a proxy or something else weird. That tells me DNS is wrong.
Ok, I’ve found the solution to my problem, and it was a really simple but silly issue. I’d just assumed that port 443 was open on the firewall already and it wasn’t! Thanks for the help and suggestions!
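The distinction that resolved this thread (port 80 answers while 443 times out, which points at packet filtering rather than SNI) can be checked directly. The following is an added diagnostic sketch, not code from any poster or from Virtualmin; the function names and result labels are this example's own assumptions.

```python
import socket
import ssl
import sys

def tcp_state(host, port, timeout=5.0):
    """Classify a TCP connect attempt as open, refused, timeout or unreachable."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"          # host answered with RST: nothing listens on the port
    except socket.timeout:
        return "timeout"          # packets silently dropped: typical of a firewall
    except OSError:
        return "unreachable"      # DNS failure, no route, etc.

def cert_state(host, sni, timeout=5.0):
    """TLS handshake to `host` sending `sni`; does the served certificate verify for `sni`?"""
    ctx = ssl.create_default_context()   # checks the chain and the hostname against `sni`
    try:
        with socket.create_connection((host, 443), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=sni):
                return "match"
    except ssl.SSLCertVerificationError:
        return "mismatch"         # wrong vhost's cert served, or chain/expiry problem
    except OSError:
        return "error"

def diagnose(http, https, cert=None):
    """Map probe results to the most likely cause (labels are this example's own)."""
    if https == "timeout":
        # 80 reachable but 443 dropped: look at the firewall before touching SNI config
        return "firewall" if http == "open" else "host-or-dns"
    if https == "refused":
        return "no-tls-listener"
    if https == "open" and cert == "mismatch":
        return "sni-or-wrong-cert"
    if https == "open":
        return "ok"
    return "host-or-dns"

if __name__ == "__main__":
    ip, name = sys.argv[1], sys.argv[2]   # server address and one virtual host name
    http, https = tcp_state(ip, 80), tcp_state(ip, 443)
    cert = cert_state(ip, name) if https == "open" else None
    print(name, http, https, cert, "->", diagnose(http, https, cert))
```

Run it against the server's own address rather than a proxied hostname, so the result reflects the origin and not the CDN edge.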