After upgrading to Webmin 1.910, can no longer connect: SSL_ERROR_NO_CYPHER_OVERLAP

I was using Webmin and it told me a newer version was available, so I clicked the button to install it. No errors, except when it finished, the following error appeared in the Firefox browser:

Secure Connection Failed

An error occurred during a connection to server.example.com:10000. Cannot communicate securely with peer: no common encryption algorithm(s). Error code: SSL_ERROR_NO_CYPHER_OVERLAP

    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
    Please contact the website owners to inform them of this problem.

Internet Explorer gives me this error:

This page can’t be displayed

Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to https://server.example.com:10000  again. If this error persists, it is possible that this site uses an unsupported protocol or cipher suite such as RC4 (link for the details), which is not considered secure. Please contact your site administrator.

Usermin continues to work on port 20000. The virtualmin command line still works. I tried deleting the stored certificate in the browser, but still does not work. The options in Firefox to override this error also do not work. A search of the internet says that Webmin may be using RC4 protocol, which is obsolete.

I am the "site administrator" and do not know what to do here. Thanks.

Status: 
Active

Comments

It's possible that newer version of Webmin only support newer SSL/TLS ciphers that the Firefox doesn't support? Can you access Webmin using Chrome instead?

Also, can you paste in the contents of your /etc/webmin/miniserv.conf file?

bperet's picture
Submitted by bperet on Mon, 06/24/2019 - 09:39

I downgraded to 1.900-1 and restarted webmin, and now it works fine again. When restarting webmin I did get an unusual warning from systemctl: "Warning: webmin.service changed on disk. Run 'systemctl daemon-reload' to reload units." Never seen that before, but executed the command.

I upgraded again to 1.910 to get your miniserv.conf file, but now it works just fine. No idea what happened here, but if others run into this, just use yum to downgrade it, restart webmin, then upgrade again. Might have had something to do with that daemon-reload thing, which is over my head.