Not able to create SSL for Webmin

Help! (Home for newbies)
1

Hello all,

I am not able to create SSL for Webmin.
I’ve followed the procedures on links but when I test my hostname I got yellow padlock , but not green.

https://www.hostfav.com/blog/index.php/2017/07/26/add-lets-encrypt-certificate-to-webmin/

I don’t know where to looking for more docs.
Does any one have idea about this ?

Thanks a lot!

2

If you’re using Virtualmin, if you get a Let’s Encrypt certificate for a Virtualmin-managed domain, it will work for Webmin if you connect on that domain name. You don’t need to do anything specific to Webmin. Webmin does have a Let’s Encrypt implementation, but it’s much harder to get right, because Virtualmin is no longer managing your DNS and it’s not going to be for a Virtualmin virtual host so there are a lot more variables.

In short: Just don’t do that. You don’t need it. Webmin will happily answer whatever domain name you request it on, and it will use the right certificate if it has one available.

1 Like
3

@Joe
I am sorry for late answer.
Аh… So I just want to clarify this because I want to understand how it is works.
So If I have already Letsencrypt for my domain example_com on Virtualmin, then Webamil used for hostname_example_com same Letsencrypt like it is on Virtualmin ? Am I right ?
And I not need to worry about yellow padlock in that case …

I’m sorry for lot of this questions but I really have a demanding clients and I have to do a lot of things in terms of security
Thanks for answers.

4

No, of course not. Unless hostname.example.com is an alias within example.com and included in the certificate. How could a different name possibly work? I’m saying that if you have a Virtualmin domain example.com and it has a certificate, if you connect to https://example.com:10000, Webmin will use the certificate for example.com.

I don’t know what a “yellow padlock” is. I assume it means there is an SSL/TLS validation problem. If that’s the case, you probably should worry about it. But, it’s not at all related to getting a certificate specific for Webmin (which you don’t need to do, if you’re using Virtualmin and have any domains with certificates that are valid). You need to look at it to know what that error is, though, the lock itself is not useful data.

5

@Joe
I am sorry maybe I didn’t explain well.
I am new on Virtualmin so from that reason am asking this, becuase I tought maybe when I create SSL for my domain then automaticaly I will get SSL also for hostname.

I’m using cerbot / letsencrypt to create certificates and it seems to work just fine on website but I am worried about https://example.com:10000 <— port number

And as I said before I followed some instructions to install Letsencrypt for Webmin, but obviously there is a problem.

My issue now is that Webmin is being accessed on https://example.com:1000 and it works, but the browser doesn’t support the certificate as “valid” - it says “not secure” and the https has a strike-through line over it and it’s marked yellow. (attached image)

Why would that be?
Do I have to use a proxy for 10000 port somehow to match it with 443?
If I access just https://example.com it works (but something else resides here, not Webmin).
So how would I go about making SSL certificate work on a 10000 port ?

Thank you for your help

yellow
yellow720×408 92.7 KB

6

You’re not making any sense. What hostname are you talking about?

If you setup a domain named example.tld in Virtualmin, and get a Let’s Encrypt certificate for it, it will work for Webmin. Any aliases that you get a certificate for (Virtualmin has some automatic aliases, but you can also create your own, and assuming DNS is correct, they will also work and can also request certs from LE) will also work for Webmin.

Ports are not specified in certificates. Any service on any port can use a certificate. A cert is for a name, not a port or service.

Be careful doing that. People on the internet very often manage to make simple things wildly complicated and break the simple paths in weird ways. I strongly recommend you follow our docs, and use the built-in features, exclusively, until you really know what you’re doing. I haven’t read the docs you linked (and won’t, because I’m sure they’re wrong and overly complicated and that’ll just make me mad).

You don’t need to follow any docs for this. If you have a certificate for any Virtualmin managed domain, you’re done. Stop poking at it, stop making things hard. Just use the Virtualmin managed name to connect to Webmin.

1 Like
7

as @Joe said…

I’m saying that if you have a Virtualmin domain example.com and it has a certificate, if you connect to https://example.com:10000 , Webmin will use the certificate for example.com

that is the correct way and simplfied way…

9

Please open new topics about new questions. DMARC is unrelated to your Webmin SSL question.

1 Like
10

Thank you @Joe for support.
No need for another topic., I solved all issues.
We can close this topic here.

1 Like
11

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.