This website is deprecated, and remains online only for historic access to old issues and docs for historic versions of Virtualmin. It has been unmaintained for several years, and should not be relied on for up-to-date information. Please visit www.virtualmin.com instead.

SSL doesn't seem to be working...

2 posts / 0 new

Topic locked

Last post

#1 Thu, 05/12/2016 - 06:26

donnysobonny

SSL doesn't seem to be working...

Hey all,

So i'm having trouble setting up ssl on a virual host. I have the website "extorio.com" set up as a virtual host, and the "SSL website enabled?" feature is ticked in the enabled feature list, however when I navigate to https://extorio.com, i get the following screen in firefox (and a similar one in chrome):

https://drive.google.com/file/d/0B7QnP5_0VHXMR180NzN5OUhLOVE/view?usp=sh...

As you can see on this screen below, the ssl cert has been set up as a self-signed cert (this was done by virtualmin when initially enabling SSL on this virtual host):

https://drive.google.com/file/d/0B7QnP5_0VHXMXzJGeXM3QUpvZ28/view?usp=sh...

However, when I run the following code from the command line openssl s_client -connect extorio.com:443 I get the following result:

CONNECTED(00000003) 140084065588896:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:795: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 7 bytes and written 295 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE ---

I would really love to be able to use the SSL feature of virtualmin for websites that I am managing through the system, does anyone have any ideas on what might be causing the issue here?

Many thanks in advance.

#2 Thu, 05/12/2016 - 08:37

donnysobonny

So i'm not 100% sure what the issue was, whether it was my wrong-doing or maybe a default-configuration issue with virtualmin, however here's how I solved the problem:

My virtual hosts are set up to have BIND DNS entries. When initially running the configuration check, webmin warned me that 127.0.0.2 was the detected IPv4 address due to a NAT firewall on my server. I changed the configuration settings to automatically detect the virtual host IP addresses and this appeared to stop the warning on the configuration check and all websites seem to run fine.

When setting up one of the virtual hosts with the SSL feature enabled, I noticed that webmin created two virtual host entries for the website, one for port 80 and one for port 443 (the port used for https). The entry for port 443 showed that the location was 127.0.0.2, while all other entries showed "Any". This was a clue as to what might have been causing the issue...

So I re-configured the virtualmin settings, manually setting the default IPv4 IP address to the external address of the server, which in-turn updated the vhost entries for all of the websites, fixing the 443 entry showing the location as "Any", and now the issue is solved!

Topic locked