Virtualmin: Break sharing SSL certificates

On Mon, 19 Dec 2016 19:31:54 +0100 by Falco Nordmann

I recently ran into some problems trying to activate https for some virtual servers in Virtualmin. After enabling SSL for the virtual server and clicking Manage SSL Certificate I got the message

This virtual server shares its SSL certificate with, so it cannot be edited on this page. Use its Manage SSL Certificate page to change SSL settings.

Since has a wildcard certificate *, I think that Virtualmin tries to be smart and wants to use the same certificate for, which will not work since is not part of *

To get around this and allow separate SSL configuration for one need to break the link between these both virtual servers SSL configurations. To do so, first find the Virtualmin configuration for the given virtual server:

root@host:~# cd /etc/webmin/virtual-server/domains
root@host:~# grep -rFx '' .

Open the file and edit the ssl_cert, ssl_key and ssl_chain directives to point to a location individual for the virtual server. Do not use locations served by the apache webserver!

ssl_cert  = /var/www/vserver/
ssl_key   = /var/www/vserver/
ssl_chain = /var/www/vserver/

Now delete the ssl_same=… directive from the configuration. This will isolate the SSL configuration for this virtual server.

Save the configuration, and in Virtualmin click Manage SSL Certificate again. You are now able to change SSL settings for the given virtual server.


Write a comment
* optional