I have been trying to set up a safe https connection to my Webmin browser GUI.
I have made some work using ssl certificates. Is it the right way? Do I need a CA certificate in order to have my wish fulfilled?
Help is appreciated in the form of commentary, links or pointing to the right material to read.
Is it possible to secure Webmin or any other Web Gui without a domain? Making it secure locally using only (ip:port number)?
I do not like to have Webmin Gui open in the internet. I am trying to Vpn to my Lan and acess it locally.
Even with just an IP its open in the Internet, so it doesnt matter if its accessible via Domain or just via IP.
You can limit access to it with the firewall.
And what I read about LE (Let’s Encrypt) id that they dont offer certificates for IPs. Meaning only for DNS names. But I could be wrong about that.
IF you have ssh access to the machine, you can close public webmin port all together and access it through ssh forwarding.
For ssh, connect to the server with the -D:port option.
ssh -D:2000 username@public-ip
Then set your browser to proxy all traffic via socks5 and 127.0.0.1:2000. All traffic will be forwarded through the ssh to the server. Will be able to access any ip on the server since all your traffic looks like “localhost” traffic to the server. So you’d access webmin via the servers ip:10000. If works, close port 10000 in the firewall to block public access.
Let me just clarify that i can acess Webmin Gui using a webbrowser on a local machine. My question’s purpose is to understand more about the process itself. I am a computer engineer, not a software one. I have much interest in this matter for my ongoing projects. I am learning a lot on how to create a website and host it on a local server.
When I installed Webmin, I had acess using https://ip:10000. Back then the browser still didn’t recognize the original certificate as being a trusted one, but the HTTPS worked regardless.
One time I have fiddled with the certificate creation in the “Webmin Configuration/ SSL Encription”. I began not to have acess to the Webmin GUI. In order to get it back up, i “nanoed” /etc/webmin/miniserv.conf and removed SSL option. Now I can access the GUI using HTTP://ip:10000.
What I wish is to find out if there is a possibility to have Webmin or Pi-Hole GUI with HTTPS and browser safety recognition. Everything accessable at local network even when my internet connection is down.
I feel my question hasn’t gone through yet, maybe my conception of how it works is not yet still good enough.Anyhow, your time and help is being appreciated.
The SSL connection still worked, because its self-signed and depending on the browser configuration you can still use https with that (even though you get a warning).
If you want to know more about encryption and how it works, simply google (or other search enginges) letsencrypt. Their website actually tells you a lot about that. That should do as first basics.
If you want a ssl cert, which will be recognized as legit by default you either need a domain for that or a paid ssl cert (some companies offer certs for direct IP usage, at least in the past).