This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

Sentora, SSL, Webmin
#1
Sentora, SSL, Webmin
After discovering Webmin is compatible with Sentora, I decided to go that route for updates and firewall control, but I have hit a snag.

Installed Sentora - everything working fine, did not yet set up SSL for the panel.

Installed Webmin - everything working fine using its default self-signed cert. Address the same as above except for the port specification of :10000.

Use let'sEncrypt to secure the Sentora panel then -->

Sentora working properly and under SSL.
Webmin unreachable entirely.

I am not sure what to do. Writing this I am asking myself if I need to add more "stuff" (for Webmin) in the Global Sentora entry to cover Webmin on port 10000?

Honestly, I have zero direction at this point, hopefully someone can help since it would appear this is not the first time this has been attempted. Any help appreciated as I did not expect this failure.
Everyone makes mistakes, but to truly screw up it takes the root password!
Thanks given by:
#2
RE: Sentora, SSL, Webmin
OK, so I can reach Webmin via the machine's local IP:

Code:
https://xxx.xxx.xxx.xxx

...and it seems to be behaving fine. I am pretty sure I need to associate the Let'sEncrypt SSL from Sentora to Webmin via the Webmin SSL module, but have no direction in doing so and fear if I do something wrong I will no longer be able to reach Webmin or Sentora.

Guidance appreciated.
Everyone makes mistakes, but to truly screw up it takes the root password!
Thanks given by:
#3
RE: Sentora, SSL, Webmin
From Webmin's "Upload Certificate" option, I entered my data from the Let'sEncrypt certificate that was already generated for Sentora on the same URL address. This all looks right now, but simply does not work any differently than before I imported everything. Thoughts anyone?

[Image: MxuUJ8L.png]
Everyone makes mistakes, but to truly screw up it takes the root password!
Thanks given by:
#4
RE: Sentora, SSL, Webmin
My settings: (No custom Sentora settings at all)
Webmin Configuration>SSL Settings>
  1. SSL Enabled
  2. Private Key file: /etc/letsencrypt/live/cp.domain.com/privkey.pem
  3. Certificate File: Separate: /etc/letsencrypt/live/cp.domain.com/cert.pem
  4. Redirect non-SSL requests to SSL mode? Yes
  5. SSL Protocol version: Detect Automatically
  6. SSL Reject all; except TLSv1.2
  7. Allow Compressed: Yes
  8. Force Use server cipher order: No
  9. Allowed SSL ciphers: Detect Automatically
Webmin Configuration>Let's Encrypt>
  1. Hostnames for cert: cp.domain.com
  2. Apache Root directory for validation file: Apache virtual host matching hostname
  3. Copy new key and certificate to Webmin? Yes
  4. SSL key size:  Default
  5. Months between automatic renewal: Only renew manually

Did not 'Upload Certificate'.
-TGates - Project Council

SEARCH the Forums or read the DOCUMENTATION before posting!
Support Sentora and Donate: HERE

Find my support or modules useful? Donate to TGates HERE
Developers and code testers needed!
Contact TGates for more information
Thanks given by: worksmarter
#5
RE: Sentora, SSL, Webmin
This is not working for me yet and Webmin keeps changing the data in the Let'sEncrypt tab to:

Code:
Website root directory for validation file
to
Other directory --> /etc/sentora/panel/

and to be clear, I am not supposed to click on either of the radio buttons - at the bottom of the Let'sEncrypt page?

Is it possible I need to go into Sentora and make either the root domain or the root and the control panel subdomain that comes before it (like cp.domain) in Sentora?

Your post was so concise, I thought for sure it would work for me. Dang!

Have a meeting to go to - will return later. Many thanks.

Douglas

This is a domain or DNS thing, for if I put the local IP/URL into my Windows host file, it works and does not complain about the cert being self-signed and also says the certificate is from Let'sEncrypt...
Everyone makes mistakes, but to truly screw up it takes the root password!
Thanks given by:
#6
RE: Sentora, SSL, Webmin
Hmmm, well, here is my /etc/webmin/miniserv.conf:

Code:
port=10000
addtype_cgi=internal/cgi
realm=Webmin Server
logfile=/var/webmin/miniserv.log
errorlog=/var/webmin/miniserv.error
pidfile=/var/webmin/miniserv.pid
logtime=168
ppath=
ssl=1
no_ssl2=1
no_ssl3=1
no_tls1=1
no_tls1_1=1
env_WEBMIN_CONFIG=/etc/webmin
env_WEBMIN_VAR=/var/webmin
atboot=1
logout=/etc/webmin/logout-flag
listen=10000
denyfile=\.pl$
log=1
blockhost_failures=5
blockhost_time=60
syslog=1
session=1
premodules=WebminCore
userfile=/etc/webmin/miniserv.users
keyfile=/etc/letsencrypt/live/cp.domain.com/privkey.pem
passwd_file=/etc/shadow
passwd_uindex=0
passwd_pindex=1
passwd_cindex=2
passwd_mindex=4
passwd_mode=0
passdelay=1
cipher_list_def=1
sudo=1
no_sslcompression=
ssl_honorcipherorder=0
certfile=/etc/letsencrypt/live/cp.domain.com/cert.pem
no_tls1_2=
ssl_redirect=1
extracas=
logouttimes=
preroot_root=authentic-theme
root=/usr/share/webmin
mimetypes=/usr/share/webmin/mime.types
server=MiniServ/1.831
-TGates - Project Council

SEARCH the Forums or read the DOCUMENTATION before posting!
Support Sentora and Donate: HERE

Find my support or modules useful? Donate to TGates HERE
Developers and code testers needed!
Contact TGates for more information
Thanks given by: worksmarter
#7
RE: Sentora, SSL, Webmin
Thank you so much Tom for posting the miniserv file as well as your prior help. In doing so you made me think about what I said myself:

Quote:This is a domain or DNS thing, for if I put the local IP/URL into my Windows host file, it works and does not complain about the cert being self-signed and also says the certificate is from Let'sEncrypt...

Wouldn't you know a browser cannot connect through a hardware firewall and router unless the dang fool port is open and routed!!!

Sorry to have wasted your time trying to help me but I thank you for it. This is just yet another example of when sometimes I don't see the forest for all of the trees in front of me! Thanks again all is working as it should.

Anyone reading this, other than walking away with, "Don't do what I did..." I can assure you installation and operation of Webmin along side of Sentora works fine and is not melodramtic at all, just remember to open the port(s) for it.
Everyone makes mistakes, but to truly screw up it takes the root password!
Thanks given by: peterfam , TGates


Possibly Related Threads…
Thread Author Replies Views Last Post
Is Sentora dead? rajeevrrs 2 3 ,969 12-17-2022, 09:20 AM
Last Post: TGates
Sentora debug and error files johnnyp 0 1 ,589 10-27-2022, 06:16 PM
Last Post: johnnyp
Transfer Account to another Sentora BenI 1 3 ,332 07-21-2022, 07:19 PM
Last Post: Nigel

Forum Jump:


Users browsing this thread: 2 Guest(s)