Webmin, by default, operates on port 10000 using a self-signed SSL certificate, leading to security warnings in browsers. Many organizations prohibit the use of self-signed certificates for security reasons.
Let’s Encrypt, a free, open certificate authority provided by the Internet Security Research Group (ISRG), offers complimentary SSL certificates valid for 90 days. These certificates can be manually renewed or set to auto-renew before expiration.
This guide explains how to install a Let’s Encrypt SSL certificate for your Webmin hostname.
Updating Webmin Hostname
Ensure your Webmin is linked to a valid domain name. Select a domain or subdomain for Webmin and update the DNS entry to direct to your Webmin server.
Modify the system hostname via the Webmin dashboard, using admin credentials. This changes the system’s hostname and updates the /etc/hosts file, associating the hostname with the local IP address.
Configuring Let’s Encrypt Certificate in Webmin
With a fully qualified domain as your system hostname, confirm that it correctly points to your Webmin server’s IP. Online DNS record tools can assist in verification.
Steps to configure Let’s Encrypt SSL in Webmin:
- Go to Webmin (in left sidebar)
- Click Webmin Configuration
- Click on “SSL Encryption” as shown in screenshot
- Go to “Let’s Encrypt” tab”
- Enter your hostname under “Hostnames for certificate”. For example, I have used webmin.tecadmin.net.
- Select “Other directory” Under Website root directory for validation file and set path as “/var/www/html”
- Under “Months between automatic renewal”, set value to 1. This allows ssl to be auto renews before 1 month of expiry.
- Verify all details again and press Request Certificate button
- On successful, you will see the result like below.
- All done
Let’s Encrypt SSL certificate is successfully configured for the Webmin hostname.
Testing the SSL Certificate
Access Webmin via HTTPS using the system hostname on port 10000. The browser should now display a valid SSL certificate.
Example: https://webmin.yourdomain.net:10000
Conclusion
This tutorial provided steps to set up a Let’s Encrypt SSL certificate for your Webmin hostname. Additionally, use an online SSL checker tool to verify the SSL certificate, ensuring you include the full URL and port.
4 Comments
Thank you so much
This did not work for me my webmin runs on a non standard port not the well know 10000
Also there is no /var/www/html directory
So I get:
Failed to request certificate : Website document directory does not exist
Ubuntu 20.04 install. The server runs a number of services.
I want to be able to access webmin using SSL. To monitor the server.
Any help or advice appreciated.
Thanks for this post.
I have follow this steps and on last one when Cert is issued is also I got a ..done!!!
But problem is when I open again in browser my connection is still not secured.
Have you any idea what can be the problem ?
“The default Webmin listen on port 10000 with self singed SSL certificate. You will see a security warning in web browser like certificate is not trusted. Many of the organization do not allow to use self singed certificates for several reasons.”
I wonder is it there options to add SSL for http://www.example.com:10000 for that port ? Or this must be resereved for domain name but not include port 1000 ?
Thanks