As expected, MSIE gives me the security page saying the page isn’t secure and warning me not to continue. I click through anyway.
Is there a way to avoid that and go straight to the page? The maindomain.com is the site that is secured, but that is on port 443.
If I attempt to secure hostname.maindomain.com Virtualmin warns me away saying only one ssl per ip. Which I knew, but figured I could still use a self - cert on it. Is that the way to go or is there another way? Perhaps with the ‘virtual interface’ option (and is that what I would get a ‘private ip’ for from my host?
Is there a way to avoid that and go straight to the page? The maindomain.com is the site that is secured, but that is on port 443.
Is there a way to avoid that and go straight to the page? The maindomain.com is the site that is secured, but that is on port 443.
You’re conflating multiple questions here.
SSL can run on other ports, and if configured correctly and with a valid certificate for the specific domain being accessed it will not cause a warning in the browser.
A self-signed certificate will always give a warning in all browsers. These is no way to avoid it, because a self-signed certificate is only providing half of the picture (SSL gives identity as well as security…self-signed removes the identity feature, and enables man-in-the-middle attacks). The browser should warn about self-signed certificates.
Perhaps with the 'virtual interface' option (and is that what I would get a 'private ip' for from my host?
No. You can’t trick the SSL protocol into having features it does not have. If you could, man-in-the-middle attacks would be possible, and SSL would be completely worthless.
Just did some poking around and found the ‘copy to webmin’ button under the ssl management - I had missed that before. I’m thinking I’m supposed to click on that - eh?
What does that do? It seems like if that address is secured, and if the port doesn’t matter… what is is changing?
What does that do? It seems like if that address is secured, and if the port doesn't matter... what is is changing?
I suspect you’re conflating again.
Apache and Webmin are completely different services. Webmin has its own web server that is entirely independent of Apache. So, when you configure Apache (or Postfix or Dovecot or ProFTPd, since they’re also different services) with an SSL cert, you’re not doing anything to Webmin’s configuration. This button is for when you want the SSL certificate for one of your domains to also be the certificate for Webmin.
A common question once that is understood is, “Well why isn’t that just automatic?” And the answer is because most Virtualmin users have a lot more than just one SSL website, and they often want a single SSL URL for management (something like https://admin.hostingprovider.com:10000)…and it may not even be a URL that has a website on the Virtualmin system.
oh, got it (had to read through it twice, but I’ve got it).
I had noticed that apache could be down but I still had access to the control panel, and had never understood that either, but you just furthered my understanding of that as well Just to further the conflating theme!