Virtualmin web interface does not work in Chrome anymore without valid certificate

OS type and version Debian 10
Webmin version 1.994
Virtualmin version 7.1-1
Related packages SUGGESTED

Edit: I changed the title to be more accurate.

I just installed virtualmin on Debian 10. Installation went fine, but the part where you finish by going to the web interface at port 10000 does not work in Google chrome 103.0.5060.66.

The menu loads but the main page doesn’t. It works fine in Firefox. My guess is that Chrome got even more strict about sites without a proper certificate. Maybe the certificate should be requested in the command line install script instead of in the web interface


Google Chrome still works as before, it’ll just give you a nag screen about it being an unrecognized certificate then let you proceed at your discretion. Perhaps something didn’t install correctly, or you need to give Webmin a reboot.

*** Professional, Affordable, Virtualmin Assistance ***

This is after the Chrome nag screen. Virtualmin without valid certificate does not work in the latest Chrome. Disabling ssl for the default domain also shows the problem. Chrome Devtools shows multiple ERR_CERT_AUTHORITY_INVALID errors for ajax calls loading scripts.

I guess we are going quickly to an age where unsecured websites just won’t work anymore.

Problem with webmin working in google chrome - Webmin - Virtualmin Community

Which is ridiculous; but I concur.

The work-around (before you get legit SSL Let’s Encrypt certificate) is to fully reload the page, and then type in a nag screen thisisunsafe to bypass SSL certificate warning screen in all Chromium based browsers.


OK. I can often not replicate the problem. In incognito mode and on another computer it works. Then I disabled all Chrome plugins and Virtualmin in insecure mode loaded normally. Few minutes later, again it didn’t.

Anyway: Just forget it. Could well be just my problem. The good thing is with a valid certificate everything is fine.

It’s not you. This happens every single time we set up a server, and we have to do the thisisunsafe thing every time. We usually “fix it” by installing a Lets Encrypt certificate for the root domain after set up is complete. It’s worked this way for many months.

1 Like

Just type thisisunsafe over the Chrome message telling you the page can’t be opened. You’ll see nothing while typing but you will get access as soon as you finished typing.


This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.