I have Webmin and it allays uses https and I just said continue anyway.
But now that I have https I coped and paste the /etc/letsencrypt/live/XXXX cert.pem to Webmin Certificate Authority in the
Edit CA certificate part. Saved it and now it goes there with out telling me it’s not connection is not private. But it now has a red https with a / thought it. So I guess something is still not right.
I did copy between the Begin and end certificate text.
Or do I have to copy some other .pem file in the CA certificate of Webmin? There is chain, fullchain and privkey ones.
You probably stii have insecure content ( pics/css/js ) loaded.
Use the Inspector in Firefox/Chrome and look at Network, if the connections point to http:// then that’s it, you need to link those via https://
Webmin needs privkey.pem for the key.
cert.pem for the actual certificate and there is a box below all that for adding chain.pem
The chain.pem will need to be type in with full path.
Without all three of those it won’t be a proper TLS connection.
Webmin needs the chain file or the browsers wont trust the cert. If one used the fullchain.pem as the cert it may not complain as that contains the chain with the cert.
Mixed content usually shows a yellowish icon. At least as I recall.
I think you’re running into an error here:[quote=“Ray, post:1, topic:6453”]
I did copy between the Begin and end certificate text.
[/quote]
You need to copy the full content of the required .pem files:
Got it working in Webmin. It was easy now that Webmin has a new "Let's Encrypt" tab.
You go under Webmin on the left and pick "Webmin Configuration" then the "SSL Encryption" key icon. Then can see the Let's Encrypt tab at the top right.
It will say this because it don't know were the command is:
Check the module configuration page to ensure you are using the correct path to the letsencrypt or letsencrypt-auto command.
You can click on "module configuration" then put in this in the Full path to Let's Encrypt client command.
I had to put were the command was /root/letsencrypt/letsencrypt-auto because Webmin could not auto find it.
Then log in with your URL you set up with Letsencrypt and it will not says it's not private any more.
Then in Webmin under the Let's Encrypt tab can click on "Request Certificate".
Webmin will say then under that tab this:
Let's Encrypt is a free, automated, and open certificate authority that can be used to generate an SSL certificate for use by Webmin.
This page can be used to request a new certificate, which will overwrite any other currently have configured in Webmin. However, the Let's Encrypt service requires that your ownership of the certificate domain be validated by checking that this system hosts the website for the domain. This is done by placing a small temporary file in the website's document directory.
Nice it has it built in for this let's encrypt now.
Even if this topic is a bit older: If you are used to request a certificate for the domain you are using for webmin anyway, you should just specify the paths to the certs like this (sorry, my webmin is configured to be served in german, but should be understandable anyway):
If you renew your cert, just restart your webmin server like service webmin restart or any other way you use to start/stop/restart your webmin instance.
Thank you that’s good. I edit my Webmin like you show in your screen shot of it. Just replace the blacked out with your URL name.
Saved it and Webmin did not say error. So looks like it worked.
But it worked before this too. I guess Webmin copied the keys to it’s keys from the Let’s Encrypt ones.
Webmin auto checked mine in the SSL protocol versions to reject and it has all but the last one TLSv1.2 checked. Looks like only the 1st 2 on yours are checked.
Some times seems hard to get Webmin to work with the Let’s Encrypt tab. If you have the red https with a slash though it webmin can with a little time not display.
The best way is to paste the 3 places in the SSL Settings tab. Save and it my not display but re-go to the https and it works.
Thank you Freigeist for showing this. Works good with Webmin.
I have letsencrypt working on an Apache server running on the same box as my webmin, just a different port. So I know the keys are right. But webmin gives me the following error:
Failed to save SSL options : The SSL private key file /etc/letsencrypt/live/[mydomainname].com/privkey.pem does not exist or does not contain a PEM format key
