Options for SSL cert when user connects to Usermin/Webmin with their own domain? [#68671]

Submitted by thedaemexco on Sat, 03/21/2020 - 10:44 Pro Licensee

Hi there,

We just have a question about the options we have in terms of users who want to use their own domains to access Usermin and Cloudmin. Currently, when a user attempts to log in to webmail.somedomain.com, it will redirect to somdomain.com:20000 as expected. The SSL cert, also as expected, is not trusted by the browser because Usermin is set for our certificate which the client does not hace access to. As support engineers who deal with this every day, we know that a self-signed certificate is harmless. The problem comes when you have to explain it to every client and the process become very cumberson. Would you guys have any solution in mind that would allow the user to access Usermin and Webmin through their domains with a valid certificate? We know this can be done usually if we setup a proxy directive with it's own SSL configuration and it proxies the data from Usermin and Webmin but the challenge would be how to implement this for all our new clients and how the system would be able to automatically setup the SSL's needed in the proxy configuration. We are all about the small details so we want to get this right.

Looking forward to hearing back from you guys, thank you!

Status:

Closed (fixed)

Comments

Submitted by Ilia on Sat, 03/21/2020 - 11:19 Comment #1

Hi,

It should easily doable already, as Webmin could listen on all available interfaces on your system, and then users should be able to connect using their domainname:10000 or domainname:20000 (considering its the same system). About providing appropriate certificate per domain basis, it's also possible right now, and can be setup to be done automatically in Virtualmin from Server Configuration/SSL Certificate/Service Certificates page.

You could also do it manually by adding per-domain key=value strings, to /etc/webmin/miniserv.conf file, like:

ipcert_DOMAINNAME.COM,*.DOMAINNAME.COM=/home/DOMAINNAME.COM/ssl.cert
ipkey_DOMAINNAME.COM,*.DOMAINNAME.COM=/home/DOMAINNAME.COM/ssl.key

Submitted by thedaemexco on Sat, 03/21/2020 - 15:10 Pro Licensee Comment #2

Ah, ok we will look into this and see if we can implement something by tomorrow. I appreciate the update! That's what we like about Virtualmin,Webmin,Cloudmin... there's always a way. I can't say the same for CPanel. Not sure what we would have done without Webmin, honestly. Thanks again for the response, we'll get back to you.

Submitted by Ilia on Sat, 03/21/2020 - 15:33 Comment #3

Thank you for your kind words! Appreciate it!

Submitted by thedaemexco on Sun, 03/22/2020 - 10:28 Pro Licensee Comment #4

This issue can be closed, thanks!

Submitted by Ilia on Mon, 03/23/2020 - 05:52 Comment #5

This issue can be closed, thanks!

You are very welcome. Good luck!