PHP-MyAdmin update which breaks PHP-FPM which in turn broke Virtualmin SSL cert - it's complicated (and SOLVED)

OS type and version Centos 8
Webmin version 1.984
Virtualmin version 6.17
Related packages n/a

So I had an installation of the PHP-MyAdmin script on my server’s Virtualmin URL (in a sub-path). This used to work. Today I went back to open it and it wasn’t working (clicking the link did nothing) and it said in Virtualmin that it needed an update. I clicked update.

On completion, every site on the server was down - I tried restarting Apache and PHP-FPM. PHP-FPM would not restart.

Ah ha, I’ve seen this before where the ongoing bug of a clash or misconfiguration of SSL and the PHP .CONF files gets out of whack.

My quick and easy fix to this is just disable Apache and SSL on the bad site and re-enable and it corrects itself.

Except, my subject virtual server here is also the Virtualmin server. So that killed access to Virtualmin because it no longer had an SSL cert.

I found the way to get back in was to disable SSL on Virtualmin via this trick -

So I added Apache and SSL back to the Virtualmin virtual server - re-enabled and restarted SSL per the trick above - and fail… Virtualmin was now using the wrong SSL cert (using the first one on the virtual server’s list) even though it had the correct certificate installed under ’ Current SSL certificate details

So, I found that this old bug was the culprit -

Sure enough, in the /etc/webmin/ folder it had copied the .cert, .key and .ca files for the default first virtual server and updated the miniserv.conf to use these incorrect certs.

The fix here was to find the correct cert files in the /home/serverName folder and copy them back to /etc/webmin and update their references in miniserv.conf (and re-enable SSL=1).

Restart webmin - # /etc/init.d/webmin restart and it was working again.

So, my point here. There’s 2 ongoing issues with Virtualmin:

  1. That the SSL/PHP-FPM confs can sometimes get out of sync and take down PHP.
  2. That the correct certificate should be restored in miniserv.conf when it’s updated via virtualmin.

Thanks for reading and hopefully fixing in future.

Yup also works if that broken is because of user limits, i had some user on diskspace 10Mb or so , parked domain, but the webalyzer did go on the max, then the renew letsencrypt failed no space / rights limits

Where then problem solved in some way you did wrote above.

Is bit offtopic, but if problem with certs , look in log files also for other errors, for those who find this topic with search.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.