Expand virtualmin configuration templates for SSL

Hi,

We have a config that uses the ~/ssl folder for everything SSL related, except for settings we can't change. We would like to have the option to store the other features in that folder as well, like the tmp file created when making a CSR.

Thx in advance!

Status: 
Active
Files: 

Comments

Assigned: Unassigned ยป

Thanks, I'll pass this along to Joe for review!

Which specific files would you like stored in ~/ssl that aren't currently? Most of the paths can be set at System Settings -> Virtualmin Configuration -> SSL.

Hey,

specifically, as of I've seen, the files generated by generating a CSR:

Generating self-signed certificate and private key .. Failed to generate CSR : Failed to open /home/foo/ssl.newkey.webmintmp.9155 : Permission denied

That's surprising! Does the user foo have write access to /home/foo ?

Nope, I build a construction which uses chroot and sftp instead of ftp in which the home dirs have root as user, foo as group and permissions set to 750, thats why the other folders are in place so users can still do other stuff

Ok, that's not really compatible with Virtualmin, sorry.

Well it works really well for now, and I don't see why this one file could be included in the settings. If you'd point me towards the source I'm willing to change things around mysellf and commit the changes

Well, for several functions, Virtualmin relies on the Virtual Server owner being able to write to their own homedir.

There's features that won't work properly without that.

You're of course welcome to modify it to work for you though if that's what you're after... you can find the Webmin source in /usr/share/webmin/, and the Virtualmin source is in the virtual-server directory under that.

Note that we wouldn't be able to assist with the coding for that here, though you're welcome to ask questions about that in the Forums.

Well, for several functions, Virtualmin relies on the Virtual Server owner being able to write to their own homedir.

I'm aware of that, and it works quite well since I wrote a little script to chown the owner of the homedir before every action.

Maybe I could give another perspective on the question by asking why "Command to run before making changes to a server" isn't ran before creating a CSR ? That would also fix my issue