One SSL cert for all virtual servers on the box

Dim_Git · August 20, 2009, 10:19am

Hi,

Is it possible to use just one SSL cert (Godaddy) for all users/domains who log in to Usermin/Webmin services on the box or must each VS have it’s own cert?

Bear in mind that I only want the cert to apply to WM/UM services.

So much reading my brain cannot absorb much more and perhaps I am loosing the plot.

Thanks for reading.

ronald · August 20, 2009, 2:20pm

you need a certificate for each domain or get a multi-cert which is one certificate for many domains (expensive).

for webmin and virtualmin you could use the selfsigned certificate.
or have one for your main domain and let your users login over that url.

Dim_Git · August 20, 2009, 3:20pm

Thanks Ronald.

I don’t like the self signed cert because it “sounds” scary to the users.

I thought I could use one for the box (first domain) and let the users log in via that domain, but it doesn’t seem to work, perhaps I am doing it wrong.

I have set the cert for the first domain on the box, say “firstdomain.com”.

Would the users then go to “https://firstdomain.com:10000” (or :20000) and login using their own credentials or am I missing something again ?

PS. seems like it is just you and me on here at the mo. Is everyone else on vacation or have I frightened them away ? :o)

ronald · August 20, 2009, 4:50pm

hey
basically you can use any domain for any user to log in with their own credentials.

From a trust point of view you should use your domain that the clients know. They would go to https://firstdomain.com:10000

Dim_Git · August 21, 2009, 6:46am

That is exactly what I thought.

But it didn’t work.

Now it does! Why ? I have not got a clue. Must have done something wrong/stupid.

Thanks for putting me right.

ronald · August 21, 2009, 3:09pm

so what Im doing is going to the fqdn: https://sv01.domain.nl:10000

then use credentials for any client with webmin access.

Dim_Git · August 22, 2009, 5:37am

Thanks Ronald.

I must have done something wrong because when I tried that before, it didn’t work and I just got a wrong credentials error. Now it does work. I just has to be my fault.

Of course, the only bad thing with allowing this is that Webmin cannot be restricted to access from only one IP.

ronald · August 22, 2009, 9:50am

what you could do is to disallow root access to webmin, first create a user with access to modules you need (or all) and login with that user.

Dim_Git · August 22, 2009, 4:22pm

Ah !

That’s cool, thanks Ronald I will have a play later.