Advanced Admin Protection Read more about it.

Managing SSL Certificates in Virtualmin

thumb-up 1

This guide explains how to request, install, and manage SSL certificates in Virtualmin to secure your website with HTTPS. Using Let’s Encrypt, you can easily obtain free SSL certificates without root access, ensuring a secure browsing experience for your visitors.

Prerequisites

  • Virtualmin Access: You must have login credentials for the Virtualmin control panel.
  • Domain Configured: The domain you want to secure must be set up in Virtualmin.
  • Website Enabled: Ensure the website feature is active for your domain (usually enabled by default).
  • DNS Configured: Your domain’s DNS must point to your server’s IP address (contact support if unsure).

Step-by-Step Guide

1. Log in to Virtualmin

Access the Virtualmin control panel with your credentials. Select the domain you want to manage from the dropdown menu in the top-left corner.

2. Access SSL Certificate Management

  1. Navigate to SSL Settings:
    • In the sidebar, click Server Configuration, then select Manage SSL Certificate.
  2. View Current SSL Status:
    • The SSL management page will show any existing certificates or indicate if none are installed.

3. Request a Let’s Encrypt Certificate

  1. Go to Let’s Encrypt Tab:
    • On the Manage SSL Certificate page, click the Let’s Encrypt tab.
  2. Configure Certificate Details:
    • Domain Names: The domain (e.g., yourdomain.com) and optionally www.yourdomain.com will be pre-filled. Include any subdomains (e.g., blog.yourdomain.com) if needed.
    • Certificate Type: Choose Web (default for websites).
    • Months Before Expiry: Set to 2 or 3 months (Let’s Encrypt certificates are valid for 90 days and will auto-renew).
    • Validation Method: Select HTTP (Let’s Encrypt will verify ownership by placing a file in your web directory).
  3. Request Certificate:
    • Click Request Certificate. Virtualmin will contact Let’s Encrypt to issue the certificate.
    • If successful, you’ll see a confirmation, and the certificate will be installed.

4. Enable SSL for Your Website

  1. Activate SSL:
    • On the Manage SSL Certificate page, go to the Current Certificate tab.
    • Ensure the new Let’s Encrypt certificate is selected for Website.
    • Click Copy to Web to apply the certificate to your website’s configuration.
  2. Force HTTPS (Optional):
    • To redirect all HTTP traffic to HTTPS, go to Server Configuration > Website Redirects.
    • Create a redirect from http://yourdomain.com to https://yourdomain.com with a Permanent (301) type.

5. Test the SSL Certificate

  1. Visit Your Website:
    • Open a browser and go to https://yourdomain.com.
    • You should see a padlock icon in the browser’s address bar, indicating a secure connection.
  2. Check Certificate Details:
    • Click the padlock icon and view the certificate to confirm it’s issued by Let’s Encrypt and covers your domain.
  3. Test Subdomains:
    • If you included subdomains, test them (e.g., https://blog.yourdomain.com).

6. Manage or Renew Certificates

  • View Certificate Status:
    • In Manage SSL Certificate, check the certificate’s expiry date.
  • Auto-Renewal:
    • Let’s Encrypt certificates in Virtualmin are typically set to auto-renew before expiry. Verify this in the Let’s Encrypt tab.
  • Manual Renewal:
    • If needed, go to the Let’s Encrypt tab and click Request Certificate again to renew manually.
  • Delete Certificate:
    • If you need to remove a certificate, contact support, as this may require server-level changes.

Additional Tips

  • SSL for Subdomains:
    • Ensure subdomains are included in the certificate request or request separate certificates for each subdomain.
  • Mixed Content Issues:
    • After enabling HTTPS, check your website for mixed content warnings (e.g., HTTP resources on an HTTPS page). Update URLs in your website files to use https://.
  • Backup Certificates:
    • Download a copy of your certificate from the Current Certificate tab for safekeeping.

Common Troubleshooting

  • Certificate Request Fails: Ensure your domain’s DNS points to your server and port 80 is accessible. Contact support if the issue persists.
  • Website Not Secure: Verify the certificate is applied to the website in Manage SSL Certificate. Check for mixed content issues.
  • SSL Not Available: If you can’t access SSL settings, contact support to verify your account permissions.

For further assistance, contact our support team via the ShopWhizzy Helpdesk.

Categories: SSL
Tags: virtualmin  ssl  security 
Was this article helpful? 1 out 2 found this helpful
thumb-up thumb-down