Webmin is running but can't login due to SSL certificate

SYSTEM INFORMATION
OS type and version: Ubuntu Linux 20.04.3
Webmin version: 1.984
Virtualmin version: 6.17-3

I just get a white screen in the Chrome browser when I try to login. In Firefox I get:

Secure Connection Failed
An error occurred during a connection to the page you are trying to view cannot be shown because the authenticity of the received data could not be verified.

The browsers are able to connect to https://xxx.com:10000 but I don’t get a login box for my username and password.

can you provide the screenshot? - i believe you can log in…

Here are the pages from Brave and Firefox. The domain and port have been working for a long time.

hi, well from screenshots I can see you are trying to log into wrong page. example.com will not work. In other words I would suggest you to open private tab and try to log into by that way however normal tab should work, you will need to have proper domain name or your lan ip address of your server. example.com domain is bad choice.

@gscerb also if you look at your screenshot closely you trying to load page in wrong port… let me post you screenshot of your screenshot

edit…here we go:

image

Here are the last lines from miniserv.error

Subroutine get_users_group redefined at /usr/share/webmin/acl/acl-lib.pl line 1768.
Subroutine check_password_restrictions redefined at /usr/share/webmin/acl/acl-lib.pl line 1785.
Subroutine hash_session_id redefined at /usr/share/webmin/acl/acl-lib.pl line 1829.
Subroutine hash_md5_session redefined at /usr/share/webmin/acl/acl-lib.pl line 1851.
Subroutine md5_perl_module redefined at /usr/share/webmin/acl/acl-lib.pl line 1908.
Subroutine session_db_key redefined at /usr/share/webmin/acl/acl-lib.pl line 1930.
Subroutine setup_anonymous_access redefined at /usr/share/webmin/acl/acl-lib.pl line 1944.
Subroutine remove_anonymous_access redefined at /usr/share/webmin/acl/acl-lib.pl line 1993.
Subroutine get_anonymous_access redefined at /usr/share/webmin/acl/acl-lib.pl line 2029.
Subroutine join_userdb_string redefined at /usr/share/webmin/acl/acl-lib.pl line 2052.
Subroutine validate_userdb redefined at /usr/share/webmin/acl/acl-lib.pl line 2068.
Subroutine userdb_table_sql redefined at /usr/share/webmin/acl/acl-lib.pl line 2166.
Subroutine used_for_anonymous redefined at /usr/share/webmin/acl/acl-lib.pl line 2239.
Subroutine get_safe_acl redefined at /usr/share/webmin/acl/acl-lib.pl line 2257.
Subroutine generate_random_session_id redefined at /usr/share/webmin/acl/acl-lib.pl line 2271.
Subroutine check_md5 redefined at /usr/share/webmin/acl/md5-lib.pl line 11.
Subroutine encrypt_md5 redefined at /usr/share/webmin/acl/md5-lib.pl line 29.
Subroutine unix_crypt_supports_md5 redefined at /usr/share/webmin/acl/md5-lib.pl line 117.
Subroutine to64 redefined at /usr/share/webmin/acl/md5-lib.pl line 126.
Subroutine check_sha1 redefined at /usr/share/webmin/acl/md5-lib.pl line 137.
Subroutine encrypt_sha1 redefined at /usr/share/webmin/acl/md5-lib.pl line 145.
Subroutine encrypt_sha1_hash redefined at /usr/share/webmin/acl/md5-lib.pl line 154.
Subroutine check_blowfish redefined at /usr/share/webmin/acl/md5-lib.pl line 162.
Subroutine encrypt_blowfish redefined at /usr/share/webmin/acl/md5-lib.pl line 170.
Subroutine unix_crypt_supports_sha512 redefined at /usr/share/webmin/acl/md5-lib.pl line 194.
Subroutine check_sha512 redefined at /usr/share/webmin/acl/md5-lib.pl line 203.
Subroutine encrypt_sha512 redefined at /usr/share/webmin/acl/md5-lib.pl line 210.
Subroutine validate_password redefined at /usr/share/webmin/acl/md5-lib.pl line 220.
Subroutine is_dictionary_word redefined at /usr/share/webmin/acl/md5-lib.pl line 261.
Use of uninitialized value $access{“role”} in split at /usr/share/webmin/webmin/webmin-lib.pl line 1225.
[23/Jan/2022:16:55:15 -0500] Restarting
[23/Jan/2022:16:55:17 -0500] miniserv.pl started
[23/Jan/2022:16:55:17 -0500] IPv6 support enabled
[23/Jan/2022:16:55:17 -0500] Using MD5 module Digest::MD5
[23/Jan/2022:16:55:17 -0500] Using SHA512 module Crypt::SHA
[23/Jan/2022:16:55:17 -0500] PAM authentication enabled
[23/Jan/2022:16:58:57 -0500] miniserv.pl started
[23/Jan/2022:16:58:57 -0500] IPv6 support enabled
[23/Jan/2022:16:58:57 -0500] Using MD5 module Digest::MD5
[23/Jan/2022:16:58:57 -0500] Using SHA512 module Crypt::SHA

have you seen my last post to you? Webmin running, can't login - #5 by unborn

Is it possible to downgrade webmin to a previous version? webmin 1.983

Downgrading isn’t going to do anything good.

All of my sites are displaying well.
Does it seem like Webmin is corrupted and the solution is to rebuild the server?

Definitely not! That’s crazy talk. This is a minor issue.

The Firefox error seems like you have a self-signed certificate. Could also be an expired cert.

If you have a Virtualmin-managed domain that has a working and up to date certificate (e.g. from Let’s Encrypt or whatever), and you configured SSL in Virtualmin for that domain, you can connect to Webmin on that same domain, and Webmin will use the certificate for that domain. It should work, since you know the same cert works on your regular website.

None of the log messages you’ve posted are indications of anything unusual or broken. They’re just various Perl warnings that come from Webmin being a huge and old codebase, and we turned on warnings and strict a while back…we haven’t cleaned up all the old code. They are harmless.

1 Like

The regular site shows that the connection is secure
image

The regular site using the custom Webmin port shows insecure.
image

What certificate is being served by Webmin? Is it a self-signed cert, or none at all?

Also try other browser as Edge.
If message not secure then go on with that to display site.

That is easier with edge mostly to bypass.

In FF you can to but have to configure some.

No real solution but kind of workarround to login :wink:

The cert on hostname and/or webmin vitualmin ports / server…

Recently, Google Chrome browser (based on Chromium) made it more difficult to login with self-signed certificates, removing a button from UI, to be able to proceed, by accepting self-signed certificate manually. Microsoft Edge browser, as any other Chromium based browser would return the same results.

There is a work-around though, as you visit the website with self-signed certificate using Chromium based browser, and there is no button on UI to bypass SSL warning, simply type the following (not in URL, just type, right after opening the page), forcing Chromium based browsers to proceed:

thisisunsafe
1 Like

YUp so is it what we do at new installations of domains where cert isn’t there at the moment ( or test subdomain ).
Or Edge

Edit: i did mean a real cert isn’t there, selfsigned should work with workarrounds in browsers.

Certificate must be there, otherwise it won’t work at all. For self-sign certificates there should be a way to bypass this warning by clicking a button. If there is no button for some reason you could use the suggested work-around.

To be clear, regularly after installing Virtualmin using install script, there should be no issues like this. The only error you should get is NET::ERR_CERT_AUTHORITY_INVALID, which must display a button like below to continue to login page, and request/setup legit SSL certificate later:

His doesn’t. I get the same error he gets but there is no proceed to site setting available on Chrome, Edge or Firefox. You can’t even view source on it.

Here this works self signed.
"just type, right after opening the page) “thisisunsafe”

1 Like