Transfering SSL to Webmin

8 posts / 0 new
Last post
#1 Fri, 02/10/2017 - 01:35
bojkic

Transfering SSL to Webmin

Hi and thank you in advance!

I have latest virtualmin and webmin installed on Ubuntu 16.04. I have successfully transferred Let's encrypt SSL cerificate from my domain to webmin before and it worked well. However, yesterday my certificate expired and I renewed it and got this message:

"Requesting a certificate for ***********.com, www.***************.com from Let's Encrypt .. .. request was successful! Configuring webserver to use new certificate and key .. .. done

Copying certificate and key to /etc/usermin .. .. done

Configuring Usermin to use them .. Failed to request certificate : Failed to open PID file"

Trying to do transfer SSL certificate manualy to Webmin gets me this message again:

"Copying certificate and key to /etc/usermin .. .. done Configuring Usermin to use them .. Failed to open PID file"

What I have to admit is that, because someone hacked usermin webmail to send spam, and I don't use it as this is just mine server that I don't use for mail, I have disabled many options that are referring to usermin and webmail, and probably something of those options is needed and shared with Webmin when it comes to certification. Can you help me find out what is necessary to be enabled for successful transfer of domain SSL to Webmin and Virtualmin administration user?

Fri, 02/10/2017 - 11:38
andreychek

Howdy,

Hmm, in theory Usermin shouldn't have to be running in order to copy an SSL cert to it, or to Webmin.

Is it errorring after the above messages?

Also, what if you go into the domain that has the SSL certificate, and you click the "Copy to Webmin" button, does that work properly?

-Eric

Mon, 02/13/2017 - 06:31 (Reply to #2)
bojkic

Thanks Eric!

Yes, after trying this my certificate is invalid (old one is still used for webmin). As I have said in my initial message trying to copy certificate manualy (from Manage SSL Certificate page) from any of my domains to webmin or usermin results in the same error message.

Just another symptom I have noticed. When I go to Manage SSL Certificate page on my main domain there stands a message: "This SSL certificate is already being used by : Usermin" And then I don't have option to "Copy to Usermin", but there is an option "Copy to Webmin" and pressing it I get the same error. That is why I still think that disabling some part or option of usermin prevents copying of the certificate to webmin.

Sun, 02/12/2017 - 21:03
tpnsolutions
tpnsolutions's picture

Hey,

Very odd error. Does this happen repeatedly?

Try restarting webmin and usermin then re-attempt to renew the cert.

Best Regards,
Peter Knowles
TPN Solutions

Email: pknowles@tpnsolutions.com
Best Regards,
Peter Knowles | TPN Solutions
Email: pknowles@tpnsolutions.com | Skype: tpnassist
Mon, 02/13/2017 - 06:38 (Reply to #4)
bojkic

Yes, tried to renew certificate many times. Also tried copying certificate manually many times from Manage SSL Certificate page and from different domains (virtual servers) that are used on that server. No luck! :( Error appears "Failed to open PID file" and webmin still uses old certificate. I also noticed something which I explained in reply to eric.

thanks for trying to help me!

Mon, 02/13/2017 - 17:29
tpnsolutions
tpnsolutions's picture

Hi,

Try issuing the following command via SSH:

virtualmin install-service-cert --domain DOMAIN-TO-COPY-FROM.com --service webmin
virtualmin install-service-cert --domain DOMAIN-TO-COPY-FROM.com --service usermin

Let me know if that works for you.

Best Regards,
Peter Knowles
TPN Solutions

Email: pknowles@tpnsolutions.com
Best Regards,
Peter Knowles | TPN Solutions
Email: pknowles@tpnsolutions.com | Skype: tpnassist
Mon, 08/07/2017 - 10:25
hjm

I don't know if it helped hoim, but i do knwo that you just saved me. I was locked out becuse of HSTS.

Thanks

Mon, 01/29/2018 - 06:18
metrics

Try removing the old certificate files from the root of your website (outside the public_html folder). After I removed the old ssl.ca, ssl.cert, ssl.combined, ssl.csr, ssl.everything and ssl.key the installation did not longer gave me an error. I had to copy manually the certificate to postfix after that.

Topic locked