Ryan's picture

Please forgive my ignorance in any of the questions I am about to ask. I was trying to change the SSL cert for Webmin so I would not be prompted each time that my certificate was not valid. I have done this before, but I must have done something wrong this time. Now, when I go to https://<address>:12321, it automatically redirects me to https://localhost:10000 and the page errors out with a connection refused message. 

From what I can tell from the changelog and my own research, stunnel4 is serving up webmin at port 12321 even though webmin itself is running on a different port (is it 10000?). When I run netstat -nlp, it indicates that perl is listening on port 10000. 

I am thinking I might have messed up the stunnel configuration, but I am not sure how. I am running the new Joomla 3 appliance. Any help is greatly appreciated.

Forum: 
Ryan's picture

I just figured out the issue... I think. I went into the Webmin Configuration SSL Encryption section, which controls the perl SSLeay module. Since stunnel is handling the encryption for this appliance, I think enabling SSL in this section automatically makes Webmin inaccessible through the web interface. 

So, if this is correct, how do I go about manually changing this back to 'No' since I can no longer access Webmin via the browser? Where is the configuration for the Perl SSLeay module stored? 

Ryan's picture

Okay, I found out the issue and fixed it! If anyone tries to enable SSL in the SSL Encryption section under Webmin Configuration, it will automatically block web access to webmin. To manually fix this, go to 

/etc/webmin/miniserv.conf 

and change

ssl=1

to 

ssl=0

and restart webmin. Access restored! Since it appears that the SSL encryption section under the Webmin Configuraiton is no longer useful now that stunnel is used, is there any way to make sure this is clear for any future updates? 

Jeremy Davis's picture

Although it sounds like we need to further ponder the implementation...

PS thanks for the heads up

ufn's picture

Well, your solution works!

Add new comment