|Operating system|Ubuntu Linux 20.04.5|
|Webmin version|2.013|Usermin version|1.861|
|Virtualmin version|7.5|
I built 2 servers on the oracle free cloud and they share the same public subnet.
They both have the same versions of software and both are updated.
Server1 has the “Setup Apache SSL website” and it works fine
Server2 does not have the option in the create or edit.
I just ran certbot certonly and got a success message and its put the certificates in etc/letsencrypt/live… but the website is still not secure.
So why has this instance of virtualmin not included the SSL option
many thanks
In Virtualmin 7.5, by default when you create a new domain and check the “Setup Apache website” option an SSL website will also be enabled automatically. Our thinking is that there’s no reason not to always enabled SSL…
There should be no need to run certbot manually. Instead, after creation go to Server Configuration → SSL Certificate and request a Let’s Encrypt cert.
I just made this website, it is the only one on the server
There was no option to enable SSL on creation which I understand has now been automated.
During the creation dialog it reported Creating SSL certificate and private key … … done Adding new SSL virtual website … … done
But the site does not have a certificate
I have a few sites on my other 7.5 vmin which does have the option
I have created an account plan to include SSL
and both checkboxs are ticked in the plugins SSL options
any thoughts?
What do you mean by the site doesn’t have an SSL certificate? It may have a self-signed cert which is the default if Virtualmin can’t request a valid cert at setup time from Let’s Encrypt…
And not surprisingly, the flatearth site is unsecured and the crabline site is. In fact, it says that the flatearth site doesn’t have a certificate. If it did have a self signed I would think it would have a no-good certificate error, not a no certificate at all error.
I think it’d be better to have the “setup ssl website too” check option in there.
It enabled me to troubleshoot when ssl certificate breaks or expires causing nginx to stop functioning and reluctant to restart because of certs mismatching or any other ssl related problems.
It was easier to tackle on such problems before just by disabling the ssl option, get nginx up and running next then re-enabling the ssl option always have worked.
Sometimes expired letsencrypt certs give all sorts of problems especially when you need or decide to revert the location path of ssl certs files back to virtualmin folder from website’s home directory.
Maybe it’s just me but that little check box never really bothered me lol it’s sad to see it go.
Actually, I’d be happier if the SSL certificate was not automatically generated when a site is created, and would like an option to specify this.
We run everything behind Haproxy which handles the SSL termination and communicates with the back-end sites without SSL. We can suppport more current options like HTTP/3 this way, so having SSL turned on at the back-end is a waste as it will never be used.
Sorry, that’s only to configure a Let’s Encrypt certificate. I’m seeing a self signed certificate being generated, which is what was mentioned earlier in this thread.
I’d like an option to not generate any SSL certificate.
SSL certificate is required for HTTPS website. If u would like to run only HTTP website without encryption, than you can specify this during virtual server creation process or in tab “Edit Virtual Server”
Edit Virtual Server → Enabled features → disable option “Apache SSL website enabled”
@spiffybrian same here I have another virtualmin run localy hosting few apps and proxying them out via production server with ssl but target i plain http. No need for encrypted traffic inside my LAN. It would make things difficult in future.