Bobcares
Client Area
Emergency Support
Apache | Latest | Server Management

Install SSL certificate on Apache with Webmin – Related errors and fixes

by | May 10, 2019

SSL is one of the standard technology to authenticate and encrypt communication between clients and servers.

Also, SSL encrypts network traffic so that an attacker cannot listen to sensitive information like passwords and credit card numbers on the network.

In some control panels like Webmin, there is a feature to install SSL certificate on Apache to secure website sensitive data.

At Bobcares, we often get requests from our customers to install and configure SSL certificate on Apache with Webmin as part of our Server Management Services.

Today, we’ll see how our Support Engineers install and configure SSL certificate on Apache with Webmin and fix the related errors.

 

How to install Apache SSL certificate with Webmin

SSL is a protocol for establishing secure and authenticated connections across an unsafe network like the Internet.

Let’s see how our Support Engineers installed Apache SSL certificate by using Webmin.

 

Pre-requirements

Before the installation process starts, we need some pre-requirements as follows.

1. The OpenSSL should installed in Webmin

2. A generated CSR for the website.

3. Uploaded private key.

4. Need the files “example_com.crt” and “example_com.ca-bundle” from the SSL provider.

Once the Certificate Authority issues the SSL certificate, it is time to install it on the server.

 

SSL certificate installation procedures

To install the SSL certificate with Webmin, we took the following steps.

1. We logged into the Webmin interface.

2. Then our Support Engineers clicked on Others > File Manager. Navigate to the folder where the private key contains, then we clicked on File > Upload to current directory in the top right corner. After that, uploaded the certificate (your_domain_name.cer) and the CA Bundle.

3. Once the file is uploaded, go to Server > selected Apache Web server.

4. Then, we clicked on Create Virtual Host and selected Any address and enabled Listen on port.

After that, we filled the following parameters too.

  1. Port: 443.
  2. Document Root:  Root path of the website that wants to secure.
  3. Server Name: Website’s domain name.
  4. Add virtual server to file: Choosed New file under virtual servers directory /etc/apache2/sites-enabled
  5. Copy directive from: Selected Automatic in the dropdown menu.

After doing these settings, we clicked on Create Now.

4. Now the virtual host listening on port 443 appeared on Apache Web server page.

5. Then we clicked on the newly created server to open its settings, then we clicked on SSL Options.

6. At last, we enabled SSL and disabled SSLv2, SSLv3 and TLSv1. In addition, we specified the paths to the domain certificate, to the private key and to the CA Bundle files in the corresponding fields and clicked Save button.

 

How we fixed  errors related to Apache SSL certificate in Webmin

Let’s see how our Support Engineers fixed errors related to Apache SSL certificate on Webmin.

 

1. Missing CA certificate

Recently, one of our customers had a website issue after installing the Apache SSL certificate in Webmin. The error looked like,

Then our Support Engineers identified that the problem was due to the improper Apache SSL certificate installation in Webmin.

In Virtualmin,

1. We logged into Virtualmin.

2. Then we go to Server Configuration -> Manage SSL Certificate -> CA Certificate.

3. We uploaded the right cert.

4. At last, we restarted the Apache service.

/etc/init.d/apache2 restart

 

That’s it. This is how we fixed the issue.

 

2. SSL protocol issue

Similarly, another customer had a website issue, his website worked fine with non SSL but when switched to https, he had an ERR_SSL_PROTOCOL_ERROR in the browser.

Then our Support Engineers took the following steps to solve the error.

1. Firstly, we checked the apache error log /var/log/apache2/error.log and got the error like,

[Tue May 02 09:55:23.077848 2017] [ssl:warn] [pid 12276] AH01906: urlofmyvirtualhere:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)>/code>

2. Then we opened ssl.conf and verified the SSL parameters in settings.

vi /etc/apache2/sites-enabled/000-default-ssl.conf

3. We found that SSLProtocol TLSv1.2  code was commented. Therefore it won’t execute.

4. After that, we uncommented the SSLProtocol TLSv1.2 and saved the file.

5. Finally, we restarted the Apache service.

/etc/init.d/apache2 restart

That’s fixed the problem.

[Having trouble after installing Apache SSL certificate in Webmin? We’ll fix it for you.]

 

Conclusion

In short, Apache SSL certificate is a standard technology for establishing secure and authenticated connections across insecure networks. Today, we saw how our Support Engineers installed Apache SSL in Webmin and fixed related errors.

Related posts:

  1. “Error code ssl_error_rx_record_too_long” in Webmin – How to fix
  2. SSL_ERROR_BAD_CERT_DOMAIN – Top 3 fixes
  3. How to Convert cPanel SSL Certificate in PEM format to PFX
  4. SSL3_READ_BYTES: SSLV3 alert handshake failure – How to fix?

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

var google_conversion_label = "owonCMyG5nEQ0aD71QM";

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

server management

Spend time on your business, not on your servers.

TALK TO US

Or click here to learn more.

Related Articles

  1. “Error code ssl_error_rx_record_too_long” in Webmin – How to fix
  2. SSL_ERROR_BAD_CERT_DOMAIN – Top 3 fixes
  3. How to Convert cPanel SSL Certificate in PEM format to PFX
  4. SSL3_READ_BYTES: SSLV3 alert handshake failure – How to fix?

Never again lose customers to poor
server speed! Let us help you.

GET STARTED

Privacy Preference Center

Consent Management

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience.

Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

Privacy Policy

Required
By using this site, you agree to our Privacy Policy.

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

Cookies Used

Required
PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]

livechat.bobcares.com

Opt Out
PHPSESSID

my.bobcares.com

Opt Out
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

Cookies Used

_ga, _gat, _gid

google.com

Opt Out
_ga, _gat, _gid

manager.smartlook.com

Opt Out
smartlookCookie

clarity.microsoft.com

Opt Out
_clck, _clsk, CLID, ANONCHK, MR, MUID, SM

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

_reb2bgeo - The visitor's geographical location

_reb2bloaded - Whether or not the script loaded for the visitor

_reb2bref - The referring URL for the visit

_reb2bsessionID - The visitor's RB2B session ID

_reb2buid - The visitor's RB2B user ID

Cookies Used

IDE, test_cookie, 1P_JAR, NID, DV, NID

doubleclick.net

Opt Out
IDE, test_cookie

google.co.in

Opt Out
1P_JAR, NID, DV

google.com

Opt Out
NID

olark.com

Opt Out
hblid

rb2b.com

Opt Out
_reb2bgeo, _reb2bloaded, _reb2bref, _reb2bsessionID, _reb2buid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

Cookies Used

SID, APISID, HSID, NID, PREF

google.com

Opt Out
SID, APISID, HSID, NID, PREF