Updated miniserv.pem now installation is hosed, refused to connect, cannot get in to webmin.

4 posts / 0 new
Last post
#1 Wed, 02/15/2017 - 11:27
scooper

Updated miniserv.pem now installation is hosed, refused to connect, cannot get in to webmin.

Just went through buying an SSL cert with Commodo for our server. Followed the directions on webmin configuration. uploaded .key and .crt files. clicked submit and got failed to write a new PID. I've rebooted the server and everything. I think (Hope) it's still serving out our hundreds of hosted websites but I can't tell because I can't get anywhere to manage this.

When I check the webmin status I get this:

root@cloudhost-01:/etc/webmin# service webmin status
● webmin.service - LSB: Start or stop the Webmin server
   Loaded: loaded (/etc/init.d/webmin)
   Active: active (exited) since Tue 2017-02-14 17:14:03 EST; 19h ago
  Process: 3011 ExecStop=/etc/init.d/webmin stop (code=exited, status=1/FAILURE)
  Process: 3167 ExecStart=/etc/init.d/webmin start (code=exited, status=0/SUCCESS)

Feb 14 17:14:01 cloudhost-01 perl[3168]: pam_unix(webmin:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=  user=root
Feb 14 17:14:03 cloudhost-01 webmin[3168]: Webmin starting
Feb 14 17:14:03 cloudhost-01 systemd[1]: Started LSB: Start or stop the Webmin server.
Feb 15 12:03:24 cloudhost-01 perl[3169]: pam_unix(webmin:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=  user=root
Feb 15 12:08:45 cloudhost-01 systemd[1]: Started LSB: Start or stop the Webmin server.
root@cloudhost-01:/etc/webmin#

ps aux | grep miniserv.pl returns nothing other than the grep process.

I'm dead in the water. any help would be greatly appreciated!

Wed, 02/15/2017 - 11:44
scooper

multiple reboots, still no dice. this is the last look at the status.

root@cloudhost-01:/home/admin# service webmin status
● webmin.service - LSB: Start or stop the Webmin server
   Loaded: loaded (/etc/init.d/webmin)
   Active: failed (Result: exit-code) since Wed 2017-02-15 12:31:19 EST; 7min ag                                                                                            o
  Process: 406 ExecStart=/etc/init.d/webmin start (code=exited, status=255)

Feb 15 12:31:17 cloudhost-01 perl[413]: pam_unix(webmin:auth): authenticatio...t
Feb 15 12:31:19 cloudhost-01 systemd[1]: webmin.service: control process exi...5
Feb 15 12:31:19 cloudhost-01 systemd[1]: Failed to start LSB: Start or stop ....
Feb 15 12:31:19 cloudhost-01 systemd[1]: Unit webmin.service entered failed ....
Hint: Some lines were ellipsized, use -l to show in full.
root@cloudhost-01:/home/admin# service webmin status
● webmin.service - LSB: Start or stop the Webmin server
   Loaded: loaded (/etc/init.d/webmin)
   Active: failed (Result: exit-code) since Wed 2017-02-15 12:31:19 EST; 7min ago
  Process: 406 ExecStart=/etc/init.d/webmin start (code=exited, status=255)

Feb 15 12:31:17 cloudhost-01 perl[413]: pam_unix(webmin:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=  user=root
Feb 15 12:31:19 cloudhost-01 systemd[1]: webmin.service: control process exited, code=exited status=255
Feb 15 12:31:19 cloudhost-01 systemd[1]: Failed to start LSB: Start or stop the Webmin server.
Feb 15 12:31:19 cloudhost-01 systemd[1]: Unit webmin.service entered failed state.
root@cloudhost-01:/home/admin#
Wed, 02/15/2017 - 12:32
scooper

I've tried cat file.key file.crt > miniserv.pem EXACTLY like the faq says to do. still no luck. I get this error. Does anyone know how to fix this!?

root@cloudhost-01:/etc/webmin# /etc/webmin/start
Starting Webmin server in /usr/share/webmin
Failed to open SSL key /etc/webmin/miniserv.pem at /usr/share/webmin/miniserv.pl line 4380.
root@cloudhost-01:/etc/webmin#
Wed, 02/15/2017 - 13:46
scooper

Upon searching some more and trying to validate the crt file I was using I found that something is wrong with it:

root@cloudhost-01:/etc/webmin# openssl x509 -noout -text -in /etc/webmin/cloudhost-01.crt
unable to load certificate

I ran these commands to generate a new self signed cert and that got me functioning again. However now I need to fight with comodo and find out what is wrong with the cert they gave me.

openssl genrsa -des3 -out webmin.key 1024 
openssl rsa -in webmin.key -out webmin.pem 
openssl req -new -key webmin.key -out webmin.csr 
openssl x509 -req -days 365 -in webmin.csr -signkey webmin.key -out webmin.crt 
cat webmin.crt >> webmin.pem 
cp webmin.pem /etc/webmin/miniserv.pem 
/etc/init.d/webmin restart

I found this helpful snippet to generate a new .pem from the command line here: http://www.paulscomputerservice.net/articles/article.php?ID=266 ...On my install it required a passphrase but I think that was only for temporary files during the process so it doesn't seem to matter what you choose.

Topic locked