I have Pound (www.apsis.ch/pound) installed on my server to handle all SSL authentication, load balancing, and reverse proxying. Virtualmin is reporting the error:
Error - Bad Request
This web server is running in SSL mode.
Try the URL https://my.domain.com:10000/ instead.
I find the string above in miniserv.pl (in /usr/libexec/usermin and /usr/libexec/webmin).
My Pound configuration is such that when it sees https://my.domain.com, it SSL authenticates it and sends it to https://www.domain.com:10000.
The problem, it seems, is that the Virtualmin scripts don’t take into consideration that SSL authentication can be done by some agent other than Apache. So, how do I turn off the Webmin/Virtualmin SSL check that is going on and causing problems?
Post edited by: fatbear, at: 2008/05/27 11:33
Post edited by: fatbear, at: 2008/05/27 11:33<br><br>Post edited by: fatbear, at: 2008/05/27 11:35
If you don’t want Webmin to SSL-encrypt its traffic, then you’ll need to turn off SSL in Webmin. Browse to Webmin:Webmin:Webmin Configuration and click on “SSL Encryption”.
If you’re trying to accomplish something else…you might read up on using Webmin proxied behind Apache:
Obviously, you wouldn’t be able to get much from the Apache configuration details, but it might be useful to understand how Webmin can be configured to behave under a proxy–since Pound is just a web proxy.
Thanks, Joe. Turning off SSL in webmin was exactly what I wanted to do. Pound is not only serving as a reverse proxy, but it is also serving as a load balancer. Also, on some of our systems, we’re using an F5 load balancer that also takes care of SSL authentication. So, turning off SSL for Apache, Tomcat, etc., was what we needed to do.
Also note that ports 10000 and 20000 are blocked in our corporate environment. So, I was not even able to access Virtualmin’s admin interface in that environment. So, whether a person uses Apache via Pound, F5, or mod_proxy/Apache, it is quite useful to allow traffic to be handled by port 443 as managed by the proxy of choice.
Thanks, again, for your help… just what I needed!
Interesting… I note that when I do the mapping for port 20000, I still get the same:
Error - Bad Request
This website is running in SSL mode. Try the URL https://my.domain.com:20000/ instead.
The port 10000 item is working just fine. Any idea as to whether there is yet another SSL item that needs to be configured/turned off?