TurnKey Linux Virtual Appliance Library

Webmin "Create Certificate" Fails in 11 Magento

L. Arnold's picture

Hello,

I just now "created" a new ssl Certificate in Magento (Webmin/editssl.cgi) and now I can't get into Webmin.

I still have access into SSH (and because of this I don't want to Restart the Instance.  I have tried setting the Webmin cert from the Cert Defined in /etc/webmin/miniserv.pem to /etc/ssl/certs/cert.pem but no luck.

I think It maybe just a restart is needed, but worried to do so.

How to fix?

thank you.

Jeremy's picture

Something to try...

Not sure whether it's relevant, but perhaps its worth trying a different browser? If you have saved an exception for the original cert perhaps its upsetting the browser (maybe it thinks there's something dodgey going on)?

L. Arnold's picture

good thought.. but not the browser

Just tried in Chrome and Explorer.  Same result as in Firefox.

Apache is still putting out Good (Turnkey orig) SSL. for Magento

SSH still allowing me to get in.

It appears I was projecting a new cert just into the Webmin SSL settings themsleves, not the Apache or full Machine versions (etc/webmin). 

L. Arnold's picture

Really looking to put a new CSR in on the BOX and new SSL

I need to put some "accepted" SSL up, which is where this started.  Have done Comodo and GeoTrust in older TKL installs but was just exploring version 11.  I have looked at a separate instance and even if I duplicate miniserv.conf Webmin still will not start.

I hae not yet found how to "restart" webmin rather than Apache or the whole machine.

thanks for any help.

Considering a "tklbam" restore but doubt it is just the etc/webmin folder (likely something with the keychains).

Jeremy's picture

From memory Webmin runs under lighttpd (not apache)

So you should just be able to restart that on its own.

L. Arnold's picture

restarted Webmin on its own,.. no result

used:

ran the following to no measurable result

/etc/init.d/webmin restart

strange thing was

/etc/init.d/webmin status (told me there is no webmin file in "usr/share" directory

Coulnd't get a "status" basically.

I probably will restart full system but holding my breath still.  Thinking a partial restore in TKLBAM might be the better route.

thank you,

Jeremy's picture

I meant restart Lighttpd

Webmin is a web app that runs under Lighttpd (lightweight web server somewhat similar to nginX). So try:

/etc/init.d/lighttpd restart

L. Arnold's picture

lots of cool stuff in that folder... but no lighttpd

nothing starts with letter L in fact.  looks like you can do other things there though.

Jeremy's picture

I stand corrected (again) :)

You are right! It looks like Webmin has it's own service in v11 (or perhaps it always was? - but I'm sure it ran under lighty in v2009.x).

Well the command you tried already (/etc/init.d/webmin restart) should work. I just tested starting and stopping it on a clean v11 (Core) install and it starts and stops fine. Not sure where to from here?

PS There are lots of cool things in there! :)

L. Arnold's picture

fixed in w/ TKLBAM

ran

tklbam-restore (#) --skip-database 

and it worked.

I couldn't figure out how to use the "limits" command but thought about it and the only work I had done was in the Database besides the stupid Cert work  (need to work on the Cer subject I do)..

There is a post on the forum about how to put a Authoritative CERT in.  I assume it is still good.  It would be nice if there was a WEBMIN CSR generator (that was what I was really looking to do when all this went awry).

thank you for your help today!

L. Arnold

Jeremy's picture

Cool, TKLBAM to the rescue!

And I would assume that the post about certs is still relevant, but only one way to find out! :)

L. Arnold's picture

looking at TKLBAM (unclear how to use Limits)

(This post should be moved up a bit in the thread)!!

 

Manual says the following:  How do I specify  /etc/webmin and /etc/ssl/*  but not change anything else

 

--limits=LIMITS: Restore filesystem or database limitations

LIMITS := " LIMIT -1 .. LIMIT -N"
LIMIT := -?( /path/to/include/or/exclude | mysql:database[/table])

Post new comment

The content of this field is kept private and will not be shown publicly. If you have a Gravatar account, used to display your avatar.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <strike> <caption>

More information about formatting options

Leave this field empty. It's part of a security mechanism.
(Dear spammers: moderators are notified of all new posts. Spam is deleted immediately)