I have 3 servers configured in virtualmin, each on it’s own IP address and with it’s own SSL cert from StartSSL. All I want to do is to be able to use all services within each server with it’s own SSL certificate.
The problem is - when I select “server1” then go to Server Configuration --> Manage SSL Certificate and copy “server1” certificate to Usermin, Webmin, Dovecot and Postfix - everything works fine, but only until I’m working with “server1”.
When I go to “server2” - browser and mail client tells me, that “server2” uses a certificate issued to “server1”…
The same happens when I try to login to “server3”…
Am I doing something wrong? And is there any way to fix this?..
When you browse to server2 and server3, even though you get an SSL warning – is the website itself correct? Are you indeed seeing the website to server2 and server3, or are you seeing the server1 website?
All services work as they should, except for SSL. I can get and send mail, I can login to Webmin and Usermin of all three servers, but I can’t get them use their own SSL certificate.
if you copy the cert to webmin/postfix/dovecot then it will creat the copy in /etc/dovecot.cert.pem
so if you do this for the other domains,
I can imagine the server2 will overwrite server1 and server3 will overwrite server2
If you can confirm this behaviour then you need to rename the certs for each domain.
You’re absolutely right. The output of copy function says:
Copy SSL Certificate
In domain “server1”
Copying certificate and key to Postfix files …
… wrote out /etc/postfix/postfix.cert.pem and /etc/postfix/postfix.key.pem
Enabling SSL in Postfix configuration …
… done
Copy SSL Certificate
In domain “server1”
Copying certificate and key to Dovecot files …
… wrote out /etc/dovecot/dovecot.cert.pem and /etc/dovecot/dovecot.key.pem
Enabling SSL in Dovecot configuration …
… done
Then we go to server2 and try to do the same…
Copy SSL Certificate
In domain “server2”
Copying certificate and key to Postfix files …
… wrote out /etc/postfix/postfix.cert.pem and /etc/postfix/postfix.key.pem
Enabling SSL in Postfix configuration …
… done
Copy SSL Certificate
In domain “server2”
Copying certificate and key to Dovecot files …
… wrote out /etc/dovecot/dovecot.cert.pem and /etc/dovecot/dovecot.key.pem
Enabling SSL in Dovecot configuration …
… done
So question is - how should I rename those certificates so that webmin/usermin/postfix/dovecot would “understand” and use right certificate for each domain?..
So question is - how should I rename those certificates so that webmin/usermin/postfix/dovecot would “understand” and use right certificate for each domain?..
Unfortunately, Apache is the only one of those daemons that supports having multiple SSL certificates in it.
For Postfix, Dovecot, Usermin, and Webmin – you can only have one SSL certificate.
If you’re hoping to have SSL certs for all those domains in each of those daemons, you might consider purchasing a UCC SSL Certificate, which is one SSL certificate that has multiple domains in it.
StartSSL allows multiple domains under one certificate, however, my understanding that this is for a single IP address, not a separate one for each domain. As such, it looks like multiple StartSSL domains will work to sign for multiple domains in virtualmin/webmin
See: https://www.startssl.com/?app=25#38